1
0
mirror of https://github.com/ansible/awx.git synced 2024-11-02 18:21:12 +03:00

AC-654 Added 'X-Auth-Token' as a header in all requests. This will give the API a way to distinguish requests between UI an API Browser and invoke correct RBAC rules. Without this we run into a collision of sorts when user logs into UI and API Browser at the same time from the same browser.

This commit is contained in:
Chris Houseknecht 2013-11-19 20:47:58 +00:00
parent 66d6e2fe43
commit d340de970f

View File

@ -62,6 +62,7 @@ function($http, $rootScope, $cookieStore, $q, Authorization) {
}
else if (token) {
this.setHeader({ Authorization: 'Token ' + token });
this.setHeader({ "X-Auth-Token": 'Token ' + token });
return $http({method: 'GET',
url: this.url,
headers: this.headers,
@ -80,6 +81,7 @@ function($http, $rootScope, $cookieStore, $q, Authorization) {
}
else if (token) {
this.setHeader({ Authorization: 'Token ' + token });
this.setHeader({ "X-Auth-Token": 'Token ' + token });
return $http({
method: 'POST',
url: this.url,
@ -98,6 +100,7 @@ function($http, $rootScope, $cookieStore, $q, Authorization) {
}
else if (token) {
this.setHeader({ Authorization: 'Token ' + token });
this.setHeader({ "X-Auth-Token": 'Token ' + token });
return $http({
method: 'PUT',
url: this.url,
@ -116,6 +119,7 @@ function($http, $rootScope, $cookieStore, $q, Authorization) {
}
else if (token) {
this.setHeader({ Authorization: 'Token ' + token });
this.setHeader({ "X-Auth-Token": 'Token ' + token });
return $http({
method: 'DELETE',
url: this.url,
@ -134,6 +138,7 @@ function($http, $rootScope, $cookieStore, $q, Authorization) {
}
else if (token) {
this.setHeader({ Authorization: 'Token ' + token });
this.setHeader({ "X-Auth-Token": 'Token ' + token });
return $http({
method: 'OPTIONS',
url: this.url,