Allow bearer auth on Active Storage downloads
This commit is contained in:
@@ -57,7 +57,7 @@ module Authentication
|
||||
|
||||
def authenticate_by_bearer_token
|
||||
if request.authorization.to_s.include?("Bearer")
|
||||
if request.format.json?
|
||||
if bearer_token_authenticatable_request?
|
||||
authenticate_or_request_with_http_token do |token|
|
||||
if identity = Identity.find_by_permissable_access_token(token, method: request.method)
|
||||
Current.identity = identity
|
||||
@@ -69,6 +69,10 @@ module Authentication
|
||||
end
|
||||
end
|
||||
|
||||
def bearer_token_authenticatable_request?
|
||||
request.format.json?
|
||||
end
|
||||
|
||||
def request_authentication
|
||||
if Current.account.present?
|
||||
session[:return_to_after_authenticating] = request.url
|
||||
|
||||
@@ -31,6 +31,10 @@ Rails.application.config.to_prepare do
|
||||
end
|
||||
|
||||
private
|
||||
def bearer_token_authenticatable_request?
|
||||
true
|
||||
end
|
||||
|
||||
def publicly_accessible_blob?
|
||||
@blob.publicly_accessible?
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user