The frontend will now be an OAuth app, auto-authorized. The frontend will use an access token for API requests

Adding better errors for the API controllers, posting a simple status works from the frontend now
author: Eugen Rochko <eugen@zeonfederated.com> 2016-08-26 19:12:19 +0200
committer: Eugen Rochko <eugen@zeonfederated.com> 2016-08-26 19:12:19 +0200
commit: 92afd296509de82e7550f67064b032db916b1f63 (patch)
tree: 6d723210f723d0a74317805352e7912b70c54240 /config/initializers/doorkeeper.rb
parent: 44e57f64dd8b00900c31d7fd56fda94f4e69e986 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index cf320c557..0d6574d9f 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -4,7 +4,7 @@ Doorkeeper.configure do
 
   # This block will be called to check whether the resource owner is authenticated or not.
   resource_owner_authenticator do
-    current_user || warden.authenticate!(scope: :user)
+    current_user || redirect_to(new_user_session_url)
   end
 
   resource_owner_from_credentials do |routes|
@@ -100,9 +100,9 @@ Doorkeeper.configure do
   # Under some circumstances you might want to have applications auto-approved,
   # so that the user skips the authorization step.
   # For example if dealing with a trusted application.
-  # skip_authorization do |resource_owner, client|
-  #   client.superapp? or resource_owner.admin?
-  # end
+  skip_authorization do |resource_owner, client|
+    client.superapp?
+  end
 
   # WWW-Authenticate Realm (default "Doorkeeper").
   # realm "Doorkeeper"
author	Eugen Rochko <eugen@zeonfederated.com>	2016-08-26 19:12:19 +0200
committer	Eugen Rochko <eugen@zeonfederated.com>	2016-08-26 19:12:19 +0200
commit	92afd296509de82e7550f67064b032db916b1f63 (patch)
tree	6d723210f723d0a74317805352e7912b70c54240 /config/initializers/doorkeeper.rb
parent	44e57f64dd8b00900c31d7fd56fda94f4e69e986 (diff)