techhub/mastodon
2
0
Fork 0
Code Activity

Change devise to not use HTTP Basic Authentication (#34501)

Browse Source
This commit is contained in:
Emelia Smith
2025-04-22 14:11:21 +02:00
committed by GitHub
parent cba4682ced
commit b754e28190
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config/initializers/devise.rb
View File

@@ -158,13 +158,15 @@ Devise.setup do |config|
# given strategies, for example, `config.params_authenticatable = [:database]` will
# enable it only for database (email + password) authentication.
# config.params_authenticatable = true
config.params_authenticatable = true
# Tell if authentication through HTTP Auth is enabled. False by default.
# It can be set to an array that will enable http authentication only for the
# given strategies, for example, `config.http_authenticatable = [:database]` will
# enable it only for database authentication. The supported strategies are:
# :database = Support basic authentication with authentication key + password
config.http_authenticatable = [:pam, :database]
# config.http_authenticatable = [:pam, :database]
config.http_authenticatable = false
# If 401 status code should be returned for AJAX requests. True by default.
# config.http_authenticatable_on_xhr = true