From 3186683cd0da9d72c82be87ca0d18ed633f46618 Mon Sep 17 00:00:00 2001
From: Jyri-Petteri Paloposki <jyri-petteri.paloposki@iki.fi>
Date: Sat, 4 May 2019 23:13:28 +0300
Subject: [PATCH] #2203: Try to use basic password also as a token when
 accessing a token-enabled endpoint

---
 lib/login_system.rb | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lib/login_system.rb b/lib/login_system.rb
index a3dfe2df..ce2e2614 100644
--- a/lib/login_system.rb
+++ b/lib/login_system.rb
@@ -72,10 +72,17 @@ module LoginSystem
 
   def login_or_feed_token_required
     if ['rss', 'atom', 'txt', 'ics', 'xml'].include?(params[:format])
+      # Login based on the token GET parameter
       if user = User.where(:token => params[:token]).first
         set_current_user(user)
         return true
       end
+      # Allow also login based on auth data
+      auth = get_basic_auth_data
+      if user = User.where(:login => auth[:user], :token => auth[:pass]).first
+        set_current_user(user)
+        return true
+      end
     end
     login_required
   end