Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-03-11 02:12:21 -05:00
Code Issues Activity

Removed brute force middleware form content api (#10353)

Browse source 
* Removed brute force middleware form content api

no-issue

This is just temporary

* Skipped brute test for content api
This commit is contained in:
Fabien O'Carroll 2019-01-09 11:38:03 +01:00 committed by GitHub
parent dcaed2be3c
commit 63c8c310fb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
core/server/web/api/v2/content/middleware.js
View file

@ -14,7 +14,9 @@ const shared = require('../../../shared');
* Authentication for public endpoints * Authentication for public endpoints
*/ */
module.exports.authenticatePublic = [ module.exports.authenticatePublic = [
shared.middlewares.brute.contentApiKey, /* @TODO: put this back
* shared.middlewares.brute.contentApiKey,
*/
auth.authenticate.authenticateContentApi, auth.authenticate.authenticateContentApi,
auth.authorize.authorizeContentApi, auth.authorize.authorizeContentApi,
cors(), cors(),

2
core/test/unit/web/api/v2/content/middleware_spec.js
View file

@ -6,7 +6,7 @@ describe('Content Api v2 middleware', function () {
should.exist(middleware.authenticatePublic); should.exist(middleware.authenticatePublic);
}); });
describe('authenticatePublic', function () { describe.skip('authenticatePublic', function () {
it('uses brute content api middleware as the first middleware in the chain', function () { it('uses brute content api middleware as the first middleware in the chain', function () {
const firstMiddleware = middleware.authenticatePublic[0]; const firstMiddleware = middleware.authenticatePublic[0];
const brute = require('../../../../../../server/web/shared/middlewares/brute'); const brute = require('../../../../../../server/web/shared/middlewares/brute');