mirror of
				https://github.com/invoiceninja/invoiceninja.git
				synced 2025-10-26 06:12:52 -04:00 
			
		
		
		
	Allow ping with api_secret or account token
This commit is contained in:
		
							parent
							
								
									ab52dcdc15
								
							
						
					
					
						commit
						2ca410d92e
					
				| @ -28,7 +28,6 @@ class ApiCheck | |||||||
|     { |     { | ||||||
|         $loggingIn = $request->is('api/v1/login') |         $loggingIn = $request->is('api/v1/login') | ||||||
|             || $request->is('api/v1/register') |             || $request->is('api/v1/register') | ||||||
|             || $request->is('api/v1/ping') |  | ||||||
|             || $request->is('api/v1/oauth_login'); |             || $request->is('api/v1/oauth_login'); | ||||||
| 
 | 
 | ||||||
|         $headers = Utils::getApiHeaders(); |         $headers = Utils::getApiHeaders(); | ||||||
| @ -55,6 +54,8 @@ class ApiCheck | |||||||
|             if ($token && $token->user) { |             if ($token && $token->user) { | ||||||
|                 Auth::onceUsingId($token->user_id); |                 Auth::onceUsingId($token->user_id); | ||||||
|                 Session::set('token_id', $token->id); |                 Session::set('token_id', $token->id); | ||||||
|  |             } elseif ($hasApiSecret && $request->is('api/v1/ping')) { | ||||||
|  |                 // do nothing: allow ping with api_secret or account token
 | ||||||
|             } else { |             } else { | ||||||
|                 sleep(ERROR_DELAY); |                 sleep(ERROR_DELAY); | ||||||
|                 $error['error'] = ['message' => 'Invalid token']; |                 $error['error'] = ['message' => 'Invalid token']; | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user