Don't redirect unauthenticated API requests to the login page

refs #11151
This commit is contained in:
Alexander A. Klimov 2016-02-15 13:36:29 +01:00
parent c5281935c6
commit 8a4f15d32c

View File

@ -282,10 +282,7 @@ class Auth
if ($request->isXmlHttpRequest() || ! $request->isApiRequest()) {
return false;
}
if (($header = $request->getHeader('Authorization')) === false) {
return false;
}
if (empty($header)) {
if (($header = $request->getHeader('Authorization')) === false || empty($header)) {
$this->challengeHttp();
}
list($scheme) = explode(' ', $header, 2);