DGNum/demarches-normaliennes
13
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

ApiController: remove ensure_token_is_present

Browse source 
An admin without token answer false to admin.api_token_valid?(api_token) with api_token=*
This commit is contained in:
simon lehericey 2018-09-26 16:24:19 +02:00
parent 4a04f2e59f
commit f7c23bb435
1 changed files with 0 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
app/controllers/api_controller.rb
View file

@ -7,11 +7,6 @@ class APIController < ApplicationController
```
EOS
# deny request with an empty token as we do not want it
# to match the first admin with an empty token
# it should not happen as an empty token is serialized by ''
# and a administrateur without token has admin.api_token == nil
before_action :ensure_token_is_present
before_action :default_format_json
protected
@ -24,12 +19,6 @@ class APIController < ApplicationController
request.format = "json" if !request.params[:format]
end
def ensure_token_is_present
if params[:token].blank? && header_token.blank?
render json: {}, status: 401
end
end
def token
params_token.presence || header_token
end