FEATURE: support HEAD request to /user-api-key/new

This allows us to cleanly sniff to find if it exists
2024-11-27 09:36:19 -05:00 · 2016-08-17 09:58:19 +10:00 · 2016-08-17 09:58:19 +10:00 · a25a8115e8
commit a25a8115e8
parent dc4799dda2
2 changed files with 16 additions and 1 deletions
--- a/app/controllers/user_api_keys_controller.rb
+++ b/app/controllers/user_api_keys_controller.rb
@ -6,7 +6,15 @@ class UserApiKeysController < ApplicationController
  skip_before_filter :check_xhr, :preload_json
  before_filter :ensure_logged_in, only: [:create, :revoke, :undo_revoke]

+  AUTH_API_VERSION ||= 1
+
  def new
+
+    if request.head?
+      head :ok, auth_api_version: AUTH_API_VERSION
+      return
+    end
+
    require_params
    validate_params

@ -31,7 +39,6 @@ class UserApiKeysController < ApplicationController

    require_params

-
    unless SiteSetting.allowed_user_api_auth_redirects
                      .split('|')
                      .any?{|u| params[:auth_redirect] == u}
--- a/spec/controllers/user_api_keys_controller_spec.rb
+++ b/spec/controllers/user_api_keys_controller_spec.rb
@ -44,6 +44,14 @@ TXT
    }
  end

+  context 'new' do
+    it "supports a head request cleanly" do
+      head :new
+      expect(response.code).to eq("200")
+      expect(response.headers["Auth-Api-Version"]).to eq("1")
+    end
+  end
+
  context 'create' do

    it "does not allow anon" do