github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-02 04:08:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

DEV: Add update message for an outdated mail-receiver

Browse Source 
Previous versions of the mail-receiver used query based api credentials,
if we detect this we will show a message in the admin panel to update
the mail receiver.
This commit is contained in:
Blake Erickson
2019-11-08 17:28:48 -07:00
parent 63bd07492e
commit 15f6f57cdc
3 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/auth/default_current_user_provider.rb
View File

@ -283,9 +283,16 @@ class Auth::DefaultCurrentUserProvider
def lookup_api_user(api_key_value, request)
if api_key = ApiKey.active.where(key: api_key_value).includes(:user).first
api_username = header_api_key? ? @env[HEADER_API_USERNAME] : request[API_USERNAME]
# Check for deprecated api auth
if !header_api_key?
# Notify admins of deprecated auth method
AdminDashboardData.add_problem_message('dashboard.deprecated_api_usage', 1.day)
if request.path == "/admin/email/handle_mail"
# Notify admins that the mail receiver is still using query auth and to update
AdminDashboardData.add_problem_message('dashboard.update_mail_receiver', 1.day)
else
# Notify admins of deprecated auth method
AdminDashboardData.add_problem_message('dashboard.deprecated_api_usage', 1.day)
end
end
if api_key.allowed_ips.present? && !api_key.allowed_ips.any? { |ip| ip.include?(request.ip) }