2013-05-14 12:33:31 +00:00
|
|
|
module API
|
2012-09-20 14:44:44 +00:00
|
|
|
class Session < Grape::API
|
2016-11-09 16:36:35 +00:00
|
|
|
desc 'Login to get token' do
|
2016-11-21 12:59:37 +00:00
|
|
|
success Entities::UserWithPrivateToken
|
2016-11-09 16:36:35 +00:00
|
|
|
end
|
|
|
|
params do
|
|
|
|
optional :login, type: String, desc: 'The username'
|
|
|
|
optional :email, type: String, desc: 'The email of the user'
|
|
|
|
requires :password, type: String, desc: 'The password of the user'
|
|
|
|
at_least_one_of :login, :email
|
|
|
|
end
|
2012-09-20 14:44:44 +00:00
|
|
|
post "/session" do
|
2016-06-10 12:51:16 +00:00
|
|
|
user = Gitlab::Auth.find_with_user_password(params[:email] || params[:login], params[:password])
|
2012-09-20 14:44:44 +00:00
|
|
|
|
2013-07-16 08:28:19 +00:00
|
|
|
return unauthorized! unless user
|
2016-08-17 22:39:20 +00:00
|
|
|
return render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401) if user.two_factor_enabled?
|
2016-11-21 12:59:37 +00:00
|
|
|
present user, with: Entities::UserWithPrivateToken
|
2012-09-20 14:44:44 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|