support URL param to token, but still restrict to APIs

This commit is contained in:
Unknwon 2015-09-02 02:45:01 -04:00
parent 2ac8e11f46
commit 65e73c4ac6

View File

@ -32,6 +32,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
} }
// Check access token. // Check access token.
if IsAPIPath(ctx.Req.URL.Path) {
tokenSHA := ctx.Query("token") tokenSHA := ctx.Query("token")
if len(tokenSHA) == 0 { if len(tokenSHA) == 0 {
// Well, check with header again. // Well, check with header again.
@ -59,6 +60,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
} }
return t.UID return t.UID
} }
}
uid := sess.Get("uid") uid := sess.Get("uid")
if uid == nil { if uid == nil {