From 1eb8c537c18acfef6ac8e11a7afd0c6647be6bc6 Mon Sep 17 00:00:00 2001
From: Ray Schamp <ray@scratch.mit.edu>
Date: Tue, 22 Mar 2016 14:43:44 -0400
Subject: [PATCH] Add method for using token in api requests

Requires a change on the api to read the token from the querystring.
---
 src/mixins/api.jsx | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/mixins/api.jsx b/src/mixins/api.jsx
index 2c82b9e80..47ee8faff 100644
--- a/src/mixins/api.jsx
+++ b/src/mixins/api.jsx
@@ -33,6 +33,13 @@ var Api = {
                 // custom headers.
                 defaults(opts, {useXDR: true});
                 delete opts.headers;
+                if (opts.authentication) {
+                    var authenticationParams = ['x-token=' + opts.authentication];
+                    var parts = opts.uri.split('?');
+                    var qs = (parts[1] || '').split('&').concat(authenticationParams).join('&');
+                    opts.uri = parts[0] + '?' + qs;
+
+                }
             }
             xhr(opts, function (err, res, body) {
                 if (err) log.error(err);
@@ -50,6 +57,9 @@ var Api = {
         if (typeof jar.get('scratchlanguage') !== 'undefined') {
             opts.headers['Accept-Language'] = jar.get('scratchlanguage') + ', en;q=0.8';
         }
+        if (opts.authentication) {
+            opts.headers['X-Token'] = opts.authentication;
+        }
         if (opts.useCsrf) {
             jar.use('scratchcsrftoken', '/csrf_token/', function (err, csrftoken) {
                 if (err) return log.error('Error while retrieving CSRF token', err);