2017-10-13 20:05:18 -04:00
|
|
|
# Use for authentication only, in particular for Rack::Attack.
|
|
|
|
# Does not perform authorization of scopes, etc.
|
|
|
|
module Gitlab
|
|
|
|
module Auth
|
|
|
|
class RequestAuthenticator
|
2017-11-07 04:52:05 -05:00
|
|
|
include UserAuthFinders
|
|
|
|
|
|
|
|
attr_reader :request
|
|
|
|
|
2017-10-13 20:05:18 -04:00
|
|
|
def initialize(request)
|
2017-10-21 15:10:03 -04:00
|
|
|
@request = ensure_action_dispatch_request(request)
|
2017-10-13 20:05:18 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def user
|
|
|
|
find_sessionless_user || find_session_user
|
|
|
|
end
|
|
|
|
|
|
|
|
def find_sessionless_user
|
|
|
|
find_user_by_private_token || find_user_by_rss_token || find_user_by_oauth_token
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|