Add the possibility to define API token in config file

2015-12-06 18:13:49 -05:00 · 2015-12-06 18:13:49 -05:00 · 756e8697c0
parent 46dfd453a9
commit 756e8697c0
3 changed files with 20 additions and 1 deletions
--- a/1
+++ b/1
@ -23,6 +23,7 @@ New features:
 * Add new project role Viewer (Work in progress)
 * Add generic LDAP client library
 * Add search query attribute for task link
+* Add the possibility to define API token in config file

 Version 1.0.21
 --------------
--- a/app/Api/Auth.php
+++ b/app/Api/Auth.php
@ -60,6 +60,21 @@ class Auth extends Base
     */
    private function isAppAuthenticated($username, $password)
    {
-        return $username === 'jsonrpc' && $password === $this->config->get('api_token');
+        return $username === 'jsonrpc' && $password === $this->getApiToken();
+    }
+
+    /**
+     * Get API Token
+     *
+     * @access private
+     * @return string
+     */
+    private function getApiToken()
+    {
+        if (defined('API_AUTHENTICATION_TOKEN')) {
+            return API_AUTHENTICATION_TOKEN;
+        }
+
+        return $this->config->get('api_token');
    }
 }
--- a/doc/config.markdown
+++ b/doc/config.markdown
@ -294,4 +294,7 @@ define('API_AUTHENTICATION_HEADER', '');

 // Hide login form, useful if all your users use Google/Github/ReverseProxy authentication
 define('HIDE_LOGIN_FORM', false);
+
+// Override API token stored in the database, useful for automated tests
+define('API_AUTHENTICATION_TOKEN', 'My unique API Token');
 ```