summaryrefslogtreecommitdiff
path: root/app/controllers/jwt_controller.rb
diff options
context:
space:
mode:
authorKamil Trzcinski <ayufan@ayufan.eu>2016-09-15 22:17:12 +0200
committerKamil Trzcinski <ayufan@ayufan.eu>2016-09-15 22:23:43 +0200
commit5f45ddc54577fb65db00636a05408b00636544f5 (patch)
tree3722ec5dc3e27d211303356430c93c24390dbfde /app/controllers/jwt_controller.rb
parent83b643a0145cf3f5b919cc61342ba0a824dfdcc9 (diff)
downloadgitlab-ce-5f45ddc54577fb65db00636a05408b00636544f5.tar.gz
Fix specs after merging LFS changes
Diffstat (limited to 'app/controllers/jwt_controller.rb')
-rw-r--r--app/controllers/jwt_controller.rb14
1 files changed, 12 insertions, 2 deletions
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 0870a2a8f50..a69534c2258 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -13,7 +13,7 @@ class JwtController < ApplicationController
@authentication_result ||= Gitlab::Auth::Result.new
- result = service.new(@authentication_result.project, @authentication_result.user, auth_params).
+ result = service.new(@authentication_result.project, @authentication_result.actor, auth_params).
execute(capabilities: @authentication_result.capabilities)
render json: result, status: result[:http_status]
@@ -25,8 +25,18 @@ class JwtController < ApplicationController
authenticate_with_http_basic do |login, password|
@authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip)
- render_403 unless @authentication_result.succeeded?
+ render_403 unless @authentication_result.success? &&
+ (@authentication_result.actor.nil? || @authentication_result.actor.is_a?(User))
end
+ rescue Gitlab::Auth::MissingPersonalTokenError
+ render_missing_personal_token
+ end
+
+ def render_missing_personal_token
+ render plain: "HTTP Basic: Access denied\n" \
+ "You have 2FA enabled, please use a personal access token for Git over HTTP.\n" \
+ "You can generate one at #{profile_personal_access_tokens_url}",
+ status: 401
end
def auth_params
View Lorry Controller Status