liz/wikijs-fork
liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: reject API tokens if API is disabled

Browse Source
This commit is contained in:
NGPixel 2020-02-23 15:30:40 -05:00
parent f7c0daec9a
commit df933f5dc4
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/core/auth.js
View File

@ -140,7 +140,9 @@ module.exports = {
// Process API tokens // Process API tokens
if (_.has(user, 'api')) { if (_.has(user, 'api')) {
if (_.includes(WIKI.auth.validApiKeys, user.api)) { if (!WIKI.config.api.isEnabled) {
return next(new Error('API is disabled. You must enable it from the Administration Area first.'))
} else if (_.includes(WIKI.auth.validApiKeys, user.api)) {
req.user = { req.user = {
id: 1, id: 1,
email: 'api@localhost', email: 'api@localhost',