- 07 Mar, 2017 1 commit
-
-
Markus Koller authored
Gitlab::Auth.find_with_user_password is currently used in these places: - resource_owner_from_credentials in config/initializers/doorkeeper.rb, which is used for the OAuth Resource Owner Password Credentials flow - the /session API call in lib/api/session.rb, which is used to reveal the user's current authentication_token In both cases users should only be authenticated if they're in the active state.
-
- 06 Mar, 2017 4 commits
-
-
Pawel Chojnacki authored
+ rename shared context
-
Pawel Chojnacki authored
-
Pawel Chojnacki authored
-
Pawel Chojnacki authored
-
- 16 Dec, 2016 1 commit
-
-
Timothy Andrew authored
- Move the `Oauth2::AccessTokenValidationService` class to `AccessTokenValidationService`, since it is now being used for personal access token validation as well. - Each API endpoint declares the scopes it accepts (if any). Currently, the top level API module declares the `api` scope, and the `Users` API module declares the `read_user` scope (for GET requests). - Move the `find_user_by_private_token` from the API `Helpers` module to the `APIGuard` module, to avoid littering `Helpers` with more auth-related methods to support `find_user_by_private_token`
-
- 01 Jul, 2016 1 commit
-
-
Grzegorz Bizon authored
-
- 27 Jun, 2016 1 commit
-
-
Z.J. van de Weg authored
-
- 22 Jun, 2015 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 12 Feb, 2015 1 commit
-
-
Jeroen van Baarsen authored
Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
-
- 24 Dec, 2014 1 commit
-
-
Valery Sizov authored
-