mirror of
https://github.com/go-gitea/gitea
synced 2024-12-25 23:54:55 +01:00
API calls authorized with HTTP header
This mod allows API calls to be authorized with HTTP header when ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled. Without it user authenticated by reverse proxy is able to access gitea UI but not API which is inconsistent. Author-Change-Id: IB#1107572
This commit is contained in:
parent
0a23079485
commit
dc952c0632
1 changed files with 4 additions and 0 deletions
|
@ -197,6 +197,10 @@ func reqToken() func(ctx *context.APIContext) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if ctx.IsSigned {
|
if ctx.IsSigned {
|
||||||
|
// Don't require token if already authenticated by reverse proxy.
|
||||||
|
if setting.Service.EnableReverseProxyAuth {
|
||||||
|
return
|
||||||
|
}
|
||||||
ctx.RequireCSRF()
|
ctx.RequireCSRF()
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue