Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Allow ping with api_secret or account token

Browse Source
This commit is contained in:
Hillel Coren 2017-03-05 12:30:08 +02:00
parent 301c36809c
commit 675f899744
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Middleware/ApiCheck.php
View File

@ -54,6 +54,8 @@ class ApiCheck
if ($token && $token->user) {
Auth::onceUsingId($token->user_id);
Session::set('token_id', $token->id);
} elseif ($hasApiSecret && $request->is('api/v1/ping')) {
// do nothing: allow ping with api_secret or account token
} else {
sleep(ERROR_DELAY);
$error['error'] = ['message' => 'Invalid token'];