IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Delegated authentication via user api keys (#7272)

Browse Source
This commit is contained in:
Penar Musaraj
2019-04-01 13:18:53 -04:00
committed by GitHub
parent 25feb287b8
commit fdf4145d4b
13 changed files with 342 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/models/user_api_key.rb
View File

@@ -5,6 +5,7 @@ class UserApiKey < ActiveRecord::Base
write: [:get, :post, :patch, :put, :delete],
message_bus: [[:post, 'message_bus']],
push: nil,
one_time_password: nil,
notifications: [[:post, 'message_bus'], [:get, 'notifications#index'], [:put, 'notifications#mark_read']],
session_info: [
[:get, 'session#current'],
@@ -63,6 +64,11 @@ class UserApiKey < ActiveRecord::Base
end
end
def self.invalid_auth_redirect?(auth_redirect)
return SiteSetting.allowed_user_api_auth_redirects
.split('|')
.none? { |u| WildcardUrlChecker.check_url(u, auth_redirect) }
end
end
# == Schema Information