yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-10-31 18:08:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/lib/configuration/hooks/dashboard/policies/dashboardToken.js
pierreburgy a1b6e6eb56 DashboardToken used in headers
2015-11-03 18:46:30 +01:00

28 lines
747 B
JavaScript
Raw Blame History

'use strict';
/**
* Policy used to check if the `dashboardToken` field is valid.
*
* @param next
*/
module.exports = function * (next) {
// Format dashboardToken variables.
const dashboardTokenParam = this.header.dashboardtoken;
const dashboardTokenConfig = strapi.config.dashboard && strapi.config.dashboard.token;
// Check dashboardToken for security purposes.
if (!dashboardTokenParam || !dashboardTokenConfig || dashboardTokenParam !== dashboardTokenConfig) {
this.status = 401;
this.body = {
message: 'dashboardToken parameter is invalid.'
};
} else {
// Delete `dashboardToken` field.
delete this.request.query.dashboardToken;
delete this.request.body.dashboardToken;
yield next;
}
};
Reference in New Issue View Git Blame Copy Permalink