From f7c23bb4359ba5447d8f9ef0e1ff128b74af041e Mon Sep 17 00:00:00 2001
From: simon lehericey
Date: Wed, 26 Sep 2018 16:24:19 +0200
Subject: [PATCH] ApiController: remove ensure_token_is_present

An admin without token answer false to admin.api_token_valid?(api_token) with api_token=*
---
 app/controllers/api_controller.rb | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 943080dec..4fd27319c 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -7,11 +7,6 @@ class APIController < ApplicationController
 ```
 EOS
- # deny request with an empty token as we do not want it
- # to match the first admin with an empty token
- # it should not happen as an empty token is serialized by ''
- # and a administrateur without token has admin.api_token == nil
- before_action :ensure_token_is_present
 before_action :default_format_json
 protected
@@ -24,12 +19,6 @@ class APIController < ApplicationController
 request.format = "json" if !request.params[:format]
 end
- def ensure_token_is_present
- if params[:token].blank? && header_token.blank?
- render json: {}, status: 401
- end
- end
-
 def token
 params_token.presence || header_token
 end