Merge pull request #13059 from annando/disable-basicauth

Issue 13058: BasicAuth can now be disabled
This commit is contained in:
Hypolite Petovan 2023-04-30 08:54:48 -04:00 committed by GitHub
commit f74cc59530
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 1 deletions

View File

@ -177,7 +177,7 @@ class BasicAuth
}
Logger::debug('Access denied', ['parameters' => $_SERVER]);
// Checking for commandline for the tests, we have to avoid to send a header
if (php_sapi_name() !== 'cli') {
if (DI::config()->get('system', 'basicauth') && (php_sapi_name() !== 'cli')) {
header('WWW-Authenticate: Basic realm="Friendica"');
}
throw new UnauthorizedException("This API requires login");

View File

@ -132,6 +132,10 @@ return [
// The value has to start with the scheme and end with a "/"
'avatar_cache_url' => '',
// basicauth (Boolean)
// Controls if login via BasicAuth is possible (default is true)
'basicauth' => true,
// big_emojis (Boolean)
// Display "Emoji Only" posts in big.
'big_emojis' => false,