Author: tchemit Date: 2012-10-17 01:15:36 +0200 (Wed, 17 Oct 2012) New Revision: 370 Url: http://nuiton.org/repositories/revision/jredmine/370 Log: refs #2197: Can use api Key to connect to redmine (do it for jredmine-1.x) Modified: trunk/jredmine-client/src/main/redmine/jredmine-1.x/app/controllers/jredmine_controller.rb Modified: trunk/jredmine-client/src/main/redmine/jredmine-1.x/app/controllers/jredmine_controller.rb =================================================================== --- trunk/jredmine-client/src/main/redmine/jredmine-1.x/app/controllers/jredmine_controller.rb 2012-10-16 22:37:06 UTC (rev 369) +++ trunk/jredmine-client/src/main/redmine/jredmine-1.x/app/controllers/jredmine_controller.rb 2012-10-16 23:15:36 UTC (rev 370) @@ -55,7 +55,8 @@ render_status 405, "POST method required" else # Authenticate user - user = User.try_to_login(params[:username], params[:password]) + #user = User.try_to_login(params[:username], params[:password]) + user = find_current_user if user.nil? # Invalid credentials render_status 401, "Invalid credentials" @@ -453,15 +454,37 @@ # Returns the current user or nil if no user is logged in def find_current_user + user = nil if session[:user_id] # existing session - (User.active.find(session[:user_id]) rescue nil) + user = (User.active.find(session[:user_id]) rescue nil) elsif cookies[:autologin] # auto-login feature - User.find_by_autologin_key(cookies[:autologin]) + user = User.find_by_autologin_key(cookies[:autologin]) end + if user.nil? && Setting.rest_api_enabled? + if (key = api_key_from_request) + # Use API key + user = User.find_by_api_key(key) + else + # HTTP Basic, either username/password or API key/random + authenticate_with_http_basic do |username, password| + user = User.try_to_login(username, password) || User.find_by_api_key(username) + end + end + end + user end + # Returns the API key present in the request + def api_key_from_request + if params[:key].present? + params[:key].to_s + elsif request.headers["X-Redmine-API-Key"].present? + request.headers["X-Redmine-API-Key"].to_s + end + end + def find_project( pid = params[:pid] ) begin @project = Project.find(pid)