active_record_api-rest 2.0.2 → 2.0.3
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dc0994a817d2635310dec3b30cc63facf74a6d9ddc6cd2596e738e28ecd4eaea
|
4
|
+
data.tar.gz: a0cacee14a02df257725c2c5b051427ad913147500524701a6662c13299eb8a2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 72232b6d22a4b6910b4c322ae5cc9dcf61835797e07194dfcee7398966edf083862daa4fb3cafc6f72f5e4c8476f8995420fac9e7eeda76258d456da1dd7f404
|
7
|
+
data.tar.gz: 473abbe43485294be082c82e01291cbcec17f26e0a49ceca924655aaef5cc6134fa62a7a4a22b0674fbf3da67996b2a8c6a3022b0273e8cc662bf1b8d10c9fab
|
@@ -38,7 +38,8 @@ module ActiveRecordApi
|
|
38
38
|
# If the incoming request has this token, it's assumed to be originating from
|
39
39
|
# FME APIs and can be marked authenticated.
|
40
40
|
def authenticated_internally?
|
41
|
-
|
41
|
+
header = request.headers['Authorization'] || request.headers['authorization']
|
42
|
+
token = header&.split(' ')&.last
|
42
43
|
safe_word = ENV['FME_INTERNAL_API_TOKEN']
|
43
44
|
# Compare the tokens in a time-constant manner, to mitigate
|
44
45
|
# timing attacks.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: active_record_api-rest
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Full Measure Education
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-06-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|