jyt94
/
closedSocialMastodon
forked from closed-social/mastodon
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

Disable API access when login is disabled (#7289)

closed-social-v3
Eugen Rochko 6 years ago
committed by GitHub
parent
295e3ef02b
commit
f62ee1ddb0
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -1
      app/controllers/api/base_controller.rb

+ 3
- 1
app/controllers/api/base_controller.rb View File

@ -66,8 +66,10 @@ class Api::BaseController < ApplicationController
end
def require_user!
if current_user
if current_user && !current_user.disabled?
set_user_activity
elsif current_user
render json: { error: 'Your login is currently disabled' }, status: 403
else
render json: { error: 'This method requires an authenticated user' }, status: 422
end

Write Preview
Loading…
Cancel
Save