Skip to content

[#1940] Reinstated OAuth-less `admin_token` authentication

Ivan Tashkinov requested to merge 1940-admin-token-oauthless-auth into develop

Reinstated OAuth-less admin_token authentication.

Refactored UserIsAdminPlug (freed from checking admin scopes presence).

Applied rate limit for requests with bad admin_token.

Added doc warnings on admin_token setting.

Closes #1940 (closed)

Edited by rinpatch

Merge request reports