mirror of
https://github.com/codeninjasllc/discourse.git
synced 2024-11-30 10:58:31 -05:00
FEATURE: support HEAD request to /user-api-key/new
This allows us to cleanly sniff to find if it exists
This commit is contained in:
parent
dc4799dda2
commit
a25a8115e8
2 changed files with 16 additions and 1 deletions
|
@ -6,7 +6,15 @@ class UserApiKeysController < ApplicationController
|
|||
skip_before_filter :check_xhr, :preload_json
|
||||
before_filter :ensure_logged_in, only: [:create, :revoke, :undo_revoke]
|
||||
|
||||
AUTH_API_VERSION ||= 1
|
||||
|
||||
def new
|
||||
|
||||
if request.head?
|
||||
head :ok, auth_api_version: AUTH_API_VERSION
|
||||
return
|
||||
end
|
||||
|
||||
require_params
|
||||
validate_params
|
||||
|
||||
|
@ -31,7 +39,6 @@ class UserApiKeysController < ApplicationController
|
|||
|
||||
require_params
|
||||
|
||||
|
||||
unless SiteSetting.allowed_user_api_auth_redirects
|
||||
.split('|')
|
||||
.any?{|u| params[:auth_redirect] == u}
|
||||
|
|
|
@ -44,6 +44,14 @@ TXT
|
|||
}
|
||||
end
|
||||
|
||||
context 'new' do
|
||||
it "supports a head request cleanly" do
|
||||
head :new
|
||||
expect(response.code).to eq("200")
|
||||
expect(response.headers["Auth-Api-Version"]).to eq("1")
|
||||
end
|
||||
end
|
||||
|
||||
context 'create' do
|
||||
|
||||
it "does not allow anon" do
|
||||
|
|
Loading…
Reference in a new issue