Discourse/discourse
Discourse/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-09-07 12:02:53 +08:00
Code Packages Activity Actions 5

FEATURE: Delegated authentication via user api keys (#7272)

Browse source
This commit is contained in:
Penar Musaraj 2019-04-01 13:18:53 -04:00 committed by GitHub
parent 25feb287b8
commit fdf4145d4b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 342 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

6
app/models/user_api_key.rb
View file

@ -5,6 +5,7 @@ class UserApiKey < ActiveRecord::Base
write: [:get, :post, :patch, :put, :delete],
message_bus: [[:post, 'message_bus']],
push: nil,
one_time_password: nil,
notifications: [[:post, 'message_bus'], [:get, 'notifications#index'], [:put, 'notifications#mark_read']],
session_info: [
[:get, 'session#current'],
@ -63,6 +64,11 @@ class UserApiKey < ActiveRecord::Base
end
end
def self.invalid_auth_redirect?(auth_redirect)
return SiteSetting.allowed_user_api_auth_redirects
.split('|')
.none? { |u| WildcardUrlChecker.check_url(u, auth_redirect) }
end
end
# == Schema Information