[#7028] Lint, changelog

ckan · Sep 15, 2022 · d707ab6 · d707ab6
1 parent b620d1a
commit d707ab6
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/changes/7088.misc b/changes/7088.misc
@@ -0,0 +1 @@
+Site maintainers can choose to completely ignore cookie based by using ``ckan.auth.disable_cookie_auth_in_api``. When set to True, all API requests must use :ref:`API Tokens <api authentication>`. Note that this is likely to affect JS modules from the frontend that perform API calls, so it should be used with caution.
diff --git a/ckan/config/middleware/flask_app.py b/ckan/config/middleware/flask_app.py
@@ -320,8 +320,8 @@ def load_user(user_id: str) -> Optional["model.User"]:  # type: ignore
     @login_manager.request_loader
     def load_user_from_request(request):  # type: ignore
         """
-        This callback function is called whenever a user could not be authenticated
-        via the session cookie, so we fall back to the API token
+        This callback function is called whenever a user could not be
+        authenticated via the session cookie, so we fall back to the API token.
         """
         user = _get_user_for_apitoken()
         return user

diff --git a/ckan/tests/controllers/test_api.py b/ckan/tests/controllers/test_api.py
@@ -380,4 +380,3 @@ def test_cookie_based_auth_disabled(app):
     res = app.get(url, environ_overrides=env)
 
     assert res.status_code == 200
-