|
|
@@ -230,13 +230,10 @@ func reqExploreSignIn() func(ctx *context.APIContext) { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
func reqBasicOrRevProxyAuth() func(ctx *context.APIContext) { |
|
|
|
func reqBasicAuth() func(ctx *context.APIContext) { |
|
|
|
return func(ctx *context.APIContext) { |
|
|
|
if ctx.IsSigned && setting.Service.EnableReverseProxyAuth && ctx.Data["AuthedMethod"].(string) == auth.ReverseProxyMethodName { |
|
|
|
return |
|
|
|
} |
|
|
|
if !ctx.Context.IsBasicAuth { |
|
|
|
ctx.Error(http.StatusUnauthorized, "reqBasicOrRevProxyAuth", "auth required") |
|
|
|
ctx.Error(http.StatusUnauthorized, "reqBasicAuth", "auth required") |
|
|
|
return |
|
|
|
} |
|
|
|
ctx.CheckForOTP() |
|
|
@@ -598,9 +595,6 @@ func buildAuthGroup() *auth.Group { |
|
|
|
&auth.HTTPSign{}, |
|
|
|
&auth.Basic{}, // FIXME: this should be removed once we don't allow basic auth in API |
|
|
|
) |
|
|
|
if setting.Service.EnableReverseProxyAuth { |
|
|
|
group.Add(&auth.ReverseProxy{}) |
|
|
|
} |
|
|
|
specialAdd(group) |
|
|
|
|
|
|
|
return group |
|
|
@@ -690,7 +684,7 @@ func Routes(ctx gocontext.Context) *web.Route { |
|
|
|
m.Combo("").Get(user.ListAccessTokens). |
|
|
|
Post(bind(api.CreateAccessTokenOption{}), user.CreateAccessToken) |
|
|
|
m.Combo("/{id}").Delete(user.DeleteAccessToken) |
|
|
|
}, reqBasicOrRevProxyAuth()) |
|
|
|
}, reqBasicAuth()) |
|
|
|
}, context_service.UserAssignmentAPI()) |
|
|
|
}) |
|
|
|
|