mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-09-20 08:21:34 +02:00
Allow ping with api_secret or account token
This commit is contained in:
Hillel Coren
parent
ab52dcdc15
commit
2ca410d92e
@ -28,7 +28,6 @@ class ApiCheck
|
|||||||
{
|
{
|
||||||
$loggingIn = $request->is('api/v1/login')
|
$loggingIn = $request->is('api/v1/login')
|
||||||
|| $request->is('api/v1/register')
|
|| $request->is('api/v1/register')
|
||||||
|| $request->is('api/v1/ping')
|
|
||||||
|| $request->is('api/v1/oauth_login');
|
|| $request->is('api/v1/oauth_login');
|
||||||
|
|
||||||
$headers = Utils::getApiHeaders();
|
$headers = Utils::getApiHeaders();
|
||||||
@ -55,6 +54,8 @@ class ApiCheck
|
|||||||
if ($token && $token->user) {
|
if ($token && $token->user) {
|
||||||
Auth::onceUsingId($token->user_id);
|
Auth::onceUsingId($token->user_id);
|
||||||
Session::set('token_id', $token->id);
|
Session::set('token_id', $token->id);
|
||||||
|
} elseif ($hasApiSecret && $request->is('api/v1/ping')) {
|
||||||
|
// do nothing: allow ping with api_secret or account token
|
||||||
} else {
|
} else {
|
||||||
sleep(ERROR_DELAY);
|
sleep(ERROR_DELAY);
|
||||||
$error['error'] = ['message' => 'Invalid token'];
|
$error['error'] = ['message' => 'Invalid token'];
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user