diff options
| author | Michael Kozono <mkozono@gmail.com> | 2017-09-15 10:31:32 -0700 |
|---|---|---|
| committer | Francisco Lopez <fjlopez@gitlab.com> | 2017-11-17 09:58:18 +0100 |
| commit | dc9266fbeacd24446b52e4dad328c8286be40b31 (patch) | |
| tree | f882ee2eac622aa6daafa71d80663d6a5014d3b9 /app/controllers | |
| parent | 732b122644bf56729996b3cc239453f537a798f4 (diff) | |
| download | gitlab-ce-dc9266fbeacd24446b52e4dad328c8286be40b31.tar.gz | |
Add request throttles
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/application_controller.rb | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 3be7aee69bc..42eae408fdc 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -11,8 +11,7 @@ class ApplicationController < ActionController::Base include EnforcesTwoFactorAuthentication include WithPerformanceBar - before_action :authenticate_user_from_personal_access_token! - before_action :authenticate_user_from_rss_token! + before_action :authenticate_sessionless_user! before_action :authenticate_user! before_action :validate_user_service_ticket! before_action :check_password_expiration @@ -100,6 +99,7 @@ class ApplicationController < ActionController::Base return try(:authenticated_user) end +<<<<<<< HEAD def authenticate_user_from_personal_access_token! token = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence @@ -121,6 +121,14 @@ class ApplicationController < ActionController::Base user = User.find_by_rss_token(token) sessionless_sign_in(user) +======= + # This filter handles private tokens, personal access tokens, and atom + # requests with rss tokens + def authenticate_sessionless_user! + user = Gitlab::Auth.find_sessionless_user(request) + + sessionless_sign_in(user) if user +>>>>>>> Add request throttles end def log_exception(exception) |