liquid_feedback_frontend

view env/util/get_access_token.lua @ 1494:3e9b0f1adec3

find changesets by author, revision, files, or words in the commit message
Removed token based CSRF protection (WebMCP uses SameSite cookies now)
author bsw
date Mon Dec 09 15:54:57 2019 +0100 (2019-12-09)
parents 32cc544d5a5b
children
line source
1 function util.get_access_token()
2
3 local access_token_header = request.get_header("Authorization")
4 if access_token_header then
5 access_token_header = string.match(access_token_header, "^Bearer ([^ ,]*)$")
6 end
7
8 local access_token_param = param.get("access_token")
9
10 if access_token_header and access_token_param then
11 return nil, "header_and_param"
12 end
13
14 return(access_token_header or access_token_param)
15
16 end

Impressum / About Us