jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

sessions: fixup bugs in b2cf765d6.

Browse Source 
Deal with the cases where either the `login` param is given without the
`api_key`, or the `api_key` is given with the `login`.
This commit is contained in:
evazion
2020-03-26 22:43:34 -05:00
parent 578f99f3c2
commit 597d1304fd
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/logical/session_loader.rb
View File

@@ -57,6 +57,8 @@ class SessionLoader
authenticate_basic_auth authenticate_basic_auth
elsif params[:login].present? && params[:api_key].present? elsif params[:login].present? && params[:api_key].present?
authenticate_api_key(params[:login], params[:api_key]) authenticate_api_key(params[:login], params[:api_key])
else
raise AuthenticationFailure
end end
end end
@@ -68,8 +70,9 @@ class SessionLoader
end end
def authenticate_api_key(name, api_key) def authenticate_api_key(name, api_key)
CurrentUser.user = User.find_by_name(name)&.authenticate_api_key(api_key) user = User.find_by_name(name)&.authenticate_api_key(api_key)
raise AuthenticationFailure unless Currentuser.user.present? raise AuthenticationFailure if user.blank?
CurrentUser.user = user
end end
def load_param_user(signed_user_id) def load_param_user(signed_user_id)