fix: reject API tokens if API is disabled
This commit is contained in:
parent
f7c0daec9a
commit
df933f5dc4
@ -140,7 +140,9 @@ module.exports = {
|
|||||||
|
|
||||||
// Process API tokens
|
// Process API tokens
|
||||||
if (_.has(user, 'api')) {
|
if (_.has(user, 'api')) {
|
||||||
if (_.includes(WIKI.auth.validApiKeys, user.api)) {
|
if (!WIKI.config.api.isEnabled) {
|
||||||
|
return next(new Error('API is disabled. You must enable it from the Administration Area first.'))
|
||||||
|
} else if (_.includes(WIKI.auth.validApiKeys, user.api)) {
|
||||||
req.user = {
|
req.user = {
|
||||||
id: 1,
|
id: 1,
|
||||||
email: 'api@localhost',
|
email: 'api@localhost',
|
||||||
|
Loading…
Reference in New Issue
Block a user