Document Bearer prefix for Authorization header [ci skip]

61948155 · Eliot Sykes · f860ab3f · 61948155
隐藏空白更改
内联并排

Showing with 7 addition and 5 deletion

actionpack/lib/action_controller/metal/http_authentication.rb ...onpack/lib/action_controller/metal/http_authentication.rb +7 -5

未找到文件。
--- a/actionpack/lib/action_controller/metal/http_authentication.rb
+++ b/actionpack/lib/action_controller/metal/http_authentication.rb
@@ -436,15 +436,17 @@ def authenticate(controller, &login_procedure)
        end
      end

-      # Parses the token and options out of the token authorization header. If
-      # the header looks like this:
+      # Parses the token and options out of the token authorization header.
+      # The value for the Authorization header is expected to have the prefix
+      # <tt>"Token"</tt> or <tt>"Bearer"</tt>. If the header looks like this:
      #   Authorization: Token token="abc", nonce="def"
-      # Then the returned token is "abc", and the options is {nonce: "def"}
+      # Then the returned token is <tt>"abc"</tt>, and the options are
+      # <tt>{nonce: "def"}</tt>
      #
      # request - ActionDispatch::Request instance with the current headers.
      #
-      # Returns an Array of [String, Hash] if a token is present.
-      # Returns nil if no token is found.
+      # Returns an +Array+ of <tt>[String, Hash]</tt> if a token is present.
+      # Returns +nil+ if no token is found.
      def token_and_options(request)
        authorization_request = request.authorization.to_s
        if authorization_request[TOKEN_REGEX]