- if doorkeeper_token&.accessible?
- self.current_user = User.find(doorkeeper_token.resource_owner_id)
- elsif Authenticator.new(self, [:token]).allow?
- if Settings.oauth_10a_support
- # self.current_user setup by OAuth
- else
- report_error t("application.oauth_10a_disabled", :link => t("application.auth_disabled_link")), :forbidden
- end
- else
- username, passwd = auth_data # parse from headers
- # authenticate per-scheme
- self.current_user = if username.nil?
- nil # no authentication provided - perhaps first connect (client should retry after 401)
- elsif username == "token"
- User.authenticate(:token => passwd) # preferred - random token for user from db, passed in basic auth
- else
- User.authenticate(:username => username, :password => passwd) # basic auth
- end
- if username && current_user
- if Settings.basic_auth_support
- # log if we have authenticated using basic auth
- logger.info "Authenticated as user #{current_user.id} using basic authentication"
- else
- report_error t("application.basic_auth_disabled", :link => t("application.auth_disabled_link")), :forbidden
- end
- end
- end