about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2017-07-11 17:08:26 +0200
committerGitHub <noreply@github.com>2017-07-11 17:08:26 +0200
commitf93de3a516d23cddea7cce147d3da3decac85f2f (patch)
tree1aed95dd7b0431565db1fdc7cceddba3d119a1da
parente19eefe219c46ea9f763d0279029f03c5cf4554f (diff)
Fix #3462 - Require authentication for search API (#4155)
This makes it consistent with /api/v1/accounts/search and
previous behaviour has been an oversight.
-rw-r--r--app/controllers/api/v1/search_controller.rb3
1 files changed, 3 insertions, 0 deletions
diff --git a/app/controllers/api/v1/search_controller.rb b/app/controllers/api/v1/search_controller.rb
index 1353682ea..bc5b8e5d4 100644
--- a/app/controllers/api/v1/search_controller.rb
+++ b/app/controllers/api/v1/search_controller.rb
@@ -3,6 +3,9 @@
 class Api::V1::SearchController < Api::BaseController
   RESULTS_LIMIT = 5
 
+  before_action -> { doorkeeper_authorize! :read }
+  before_action :require_user!
+
   respond_to :json
 
   def index