Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Add whitelist mode (#11291)

Browse source
This commit is contained in:
Eugen Rochko 2019-07-30 11:10:46 +02:00 committed by GitHub
parent 85b7b565de
commit 24552b5160
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
44 changed files with 302 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

9
app/controllers/api/base_controller.rb
View file

@ -9,6 +9,7 @@ class Api::BaseController < ApplicationController
skip_before_action :store_current_location
skip_before_action :require_functional!
before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
before_action :set_cache_headers
protect_from_forgery with: :null_session
@ -69,6 +70,10 @@ class Api::BaseController < ApplicationController
nil
end
def require_authenticated_user!
render json: { error: 'This API requires an authenticated user' }, status: 401 unless current_user
end
def require_user!
if !current_user
render json: { error: 'This method requires an authenticated user' }, status: 422
@ -94,4 +99,8 @@ class Api::BaseController < ApplicationController
def set_cache_headers
response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
end
def disallow_unauthenticated_api_access?
authorized_fetch_mode?
end
end