Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
8b6041bc
Commit
8b6041bc
authored
Mar 22, 2017
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Don't try to find a user by personal_access_token if the token is nil
Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
c62314ab
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
7 additions
and
2 deletions
+7
-2
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+5
-2
app/models/user.rb
app/models/user.rb
+2
-0
No files found.
app/controllers/application_controller.rb
View file @
8b6041bc
...
...
@@ -64,8 +64,11 @@ class ApplicationController < ActionController::Base
# This filter handles both private tokens and personal access tokens
def
authenticate_user_from_private_token!
token_string
=
params
[
:private_token
].
presence
||
request
.
headers
[
'PRIVATE-TOKEN'
].
presence
user
=
User
.
find_by_authentication_token
(
token_string
)
||
User
.
find_by_personal_access_token
(
token_string
)
token
=
params
[
:private_token
].
presence
||
request
.
headers
[
'PRIVATE-TOKEN'
].
presence
return
unless
token
.
present?
user
=
User
.
find_by_authentication_token
(
token
)
||
User
.
find_by_personal_access_token
(
token
)
if
user
&&
can?
(
user
,
:log_in
)
# Notice we are passing store false, so the user is not
...
...
app/models/user.rb
View file @
8b6041bc
...
...
@@ -324,6 +324,8 @@ class User < ActiveRecord::Base
end
def
find_by_personal_access_token
(
token_string
)
return
unless
token_string
PersonalAccessTokensFinder
.
new
(
state:
'active'
).
find_by
(
token:
token_string
)
&
.
user
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment