hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled).

Browse source
This commit is contained in:
Ivan Tashkinov 2020-04-06 10:20:44 +03:00
commit fc81e5a49c
14 changed files with 113 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/pleroma/web/twitter_api/twitter_api_controller.ex
View file

@ -15,6 +15,8 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
plug(OAuthScopesPlug, %{scopes: ["write:notifications"]} when action == :notifications_read)
plug(:skip_plug, OAuthScopesPlug when action in [:oauth_tokens, :revoke_token])
plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
action_fallback(:errors)