Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-06 22:40:14 -05:00
Code Issues Activity

allow api requests to be made with the access token as a query parameter

Browse source 
closes #6040
- adds check for access token query parameter in auth middleware
This commit is contained in:
Austin Burdine 2015-11-12 11:26:18 -06:00
parent 2cfc46d561
commit 67a6b4c07b
2 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
core/server/middleware/auth.js
View file

@ -19,6 +19,8 @@ function isBearerAutorizationHeader(req) {
if (req.headers && req.headers.authorization) { if (req.headers && req.headers.authorization) {
parts = req.headers.authorization.split(' '); parts = req.headers.authorization.split(' ');
} else if (req.query && req.query.access_token) {
return true;
} else { } else {
return false; return false;
} }

16
core/test/functional/routes/api/db_spec.js
View file

@ -47,4 +47,20 @@ describe('DB API', function () {
done(); done();
}); });
}); });
it('should work with access token set as query parameter', function (done) {
request.get(testUtils.API.getApiQuery('db/?access_token=' + accesstoken))
.expect('Content-Type', /json/)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
var jsonResponse = res.body;
should.exist(jsonResponse.db);
jsonResponse.db.should.have.length(1);
done();
});
});
}); });