[openstreetmap/openstreetmap-website] Return an error when a disabled authentication mechanism is used (PR #4496)
Andy Allan
notifications at github.com
Wed May 15 15:33:55 UTC 2024
OK, this looks fine to me.
I had to do some reading as to the differences between OAuth 1.0 vs 1.0a, and also (re-)learning about how the rails filter chains work since it wasn't initially obvious to me that rendering in the filter was enough to stop the rest of the action from running too.
It's a little complex to understand how the `Settings.oauth_10_support` and `Settings.oauth_10a_support` interact, since the second also affects oauth 1.0 tokens, but hopefully we can clean this up soon. In reality, OAuth 1.0 is already turned off anyway.
With regards to Basic Auth, we'll need to do some work to remove usage of basic_auth in our tests in the near future.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/4496#issuecomment-2112871787
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/pull/4496/c2112871787 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20240515/0c54b597/attachment.htm>
More information about the rails-dev
mailing list