David Taylor 6230f5c554
FEATURE: Allow parameter authentication for UserApiKeys (#9742)
This refactors default_current_user_provider in a few ways:
- Introduce a generic `api_parameter_allowed?` method which checks for whitelisted routes/formats
- Only read the api_key parameter on allowed routes. It is now completely ignored on other routes (previously it would raise a 403)
- Start reading user_api_key parameter on allowed routes
- Refactor tests as end-end integration tests

A plugin API for PARAMETER_API_PATTERNS will be added soon
2020-05-12 13:35:36 +01:00
..
2020-05-05 13:46:57 +10:00
2020-05-05 13:46:57 +10:00
2020-05-05 13:46:57 +10:00
2020-01-15 11:27:12 +01:00
2020-04-30 16:48:53 +10:00
2019-10-21 12:08:20 +01:00
2020-05-05 13:46:57 +10:00
2020-05-10 15:06:39 +03:00
2019-05-22 17:39:44 +03:00
2020-05-05 13:46:57 +10:00
2020-05-05 13:46:57 +10:00
2020-05-05 13:46:57 +10:00
2020-05-04 11:44:42 -04:00
2020-04-30 16:48:53 +10:00