Implement separate tokens for control and status actions #2082
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Implements #2081
Prior to this commit ...
Authentication for control and status actions is implemented via the same token.
With this commit ...
Puma implements a 'status-token' limited to status actions in Puma::App::Status.
If 'control-token' is defined, it is required for any action.
If 'control-token' is undefined, no token is required for any action.
If 'status-token' is undefined, no status token is required for status actions.
Description
Please describe your pull request. Thank you for contributing! You're the best.
Your checklist for this pull request
[changelog skip]
to all commit messages.[ci skip]
to the title of the PR.#issue
" to the PR description or my commit messages.