mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
3210eee24f
Summary: By default, only respect GRIST_FORWARD_AUTH_HEADER on login endpoints; sessions are used elsewhere. With GRIST_IGNORE_SESSION, do not use sessions, and respect GRIST_FORWARD_AUTH_HEADER on all endpoints. GRIST_PROXY_AUTH_HEADER is now a synonym to GRIST_FORWARD_AUTH_HEADER. Test Plan: Fixed tests. Tested first approach (no GRIST_IGNORE_SESSION) with grist-omnibus manually. Tested the second approach (with GRIST_IGNORE_SESSION) with a Apache-based setup enforcing http basic auth on all endpoints. Reviewers: paulfitz, georgegevoian Reviewed By: paulfitz, georgegevoian Differential Revision: https://phab.getgrist.com/D4104 |
||
---|---|---|
.. | ||
declarations | ||
lib | ||
utils | ||
companion.ts | ||
declarations.d.ts | ||
devServerMain.ts | ||
generateCheckpoint.ts | ||
generateInitialDocSql.ts | ||
localization.ts | ||
mergedServerMain.ts | ||
tsconfig.json |