paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-05 22:43:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,949 Commits 30 Branches 160 Tags
250781e8438d794293321174bd431fba99b3a49c
Commit Graph

13 Commits

Author SHA1 Message Date
Tim Abbott
250781e843 Fix HTTP Basic Auth popups caused by auth failures. 
If a user's session cookie expired, the next REST API request their
browser did would go into the json_unauthorized code path.  This
returned a response with a WWW-Authenticate tag for HTTP Basic Auth
(since that's what the REST API uses), even for /json requests which
should only be authenticated using session auth.

We fix this by explicitly passing the desired WWW-Authenticate state.

Fixes: #800.
 2016-06-21 16:18:36 -07:00
Tomasz Kolek
9ae68ade8b Add is_webhook option to authentication decorats. 
Modified:
authenticated_rest_api_view
authenticated_api_view and validate_api_key.
 2016-06-21 11:47:38 -07:00
Umair Khan
1bfe566c8d [i18n] Make Json error messages translatable. 2016-06-04 18:48:36 -07:00
David Adamec
4f3c85a20c Add type annotations to zerver/lib/rest. 2016-06-03 23:48:46 -07:00
Tim Abbott
5bacda3662 python3: Fix usage of .keys()/.values() to handle iterators. 
This fixes the places where we use the result of .keys(), .items(),
and .values() that wouldn't work with an iterator to wrap them with
list().
 2016-01-26 21:11:25 -08:00
Tim Abbott
023f45190f rest_dispatch: Add support for using with websockets integration. 2015-12-12 18:14:08 -08:00
Luke Faraone
5147b52267 Return correct OPTIONS in rest_dispatch 
(imported from commit 095175cad4df982d2bf5603f3b927a3aa6d7f41f)
 2014-07-29 21:46:34 -07:00
Tim Abbott
2ca5f43f05 Report json format 500 errors from all json format views. 
Previously, we only did this via rest_dispatch.

(imported from commit b0edfdccea294378292b64677a64d5b01f936b08)
 2013-12-19 16:48:51 -05:00
Tim Abbott
7800a34d84 Fix json_unhandled_exception handling of JsonableError. 
(imported from commit 16ed6c213cbda3b60a16a01af32c56d6802b7acc)
 2013-12-13 18:13:43 -05:00
Steve Howell
44b738ab75 Have rest_dispatch return JSON when exceptions are thrown. 
(imported from commit 587a8f46d406c6358480db9e0ebd5afb69e12abf)
 2013-12-13 17:38:20 -05:00
Tim Abbott
46760e91cd rest_dispatch: Don't allow session auth on /api URLs. 
This caused problems with our tests suite where we were using a logged
in browser session and actually acting as a different user.

(imported from commit 73b8cb39d5d669e682fbacf2f7e574c228885c2f)
 2013-12-12 10:31:04 -05:00
Kevin Mehall
a09c7e1e0c Make rest_dispatch errors cleaner for requests from browsers. 
If you don't have a cookie or basic auth and the request looks like
a top-level page in the browser, redirect to the login page.

(imported from commit fc1bcb1080591522bd1b694664255f7049a5d443)
 2013-10-31 14:36:34 -04:00
Luke Faraone
9d4ef27b97 Make rest_dispatch accept a list of globals and move it into its own file. 
We're going to be using this from other views, so make it more generic.

(imported from commit c2c4f64b2a212f8a254f75c21dc93d8fc3f8351a)
 2013-10-25 14:13:30 -04:00