diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2016-08-26 19:12:19 +0200 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2016-08-26 19:12:19 +0200 |
commit | 92afd296509de82e7550f67064b032db916b1f63 (patch) | |
tree | 6d723210f723d0a74317805352e7912b70c54240 /config/initializers | |
parent | 44e57f64dd8b00900c31d7fd56fda94f4e69e986 (diff) |
The frontend will now be an OAuth app, auto-authorized. The frontend will use an access token for API requests
Adding better errors for the API controllers, posting a simple status works from the frontend now
Diffstat (limited to 'config/initializers')
-rw-r--r-- | config/initializers/doorkeeper.rb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index cf320c557..0d6574d9f 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -4,7 +4,7 @@ Doorkeeper.configure do # This block will be called to check whether the resource owner is authenticated or not. resource_owner_authenticator do - current_user || warden.authenticate!(scope: :user) + current_user || redirect_to(new_user_session_url) end resource_owner_from_credentials do |routes| @@ -100,9 +100,9 @@ Doorkeeper.configure do # Under some circumstances you might want to have applications auto-approved, # so that the user skips the authorization step. # For example if dealing with a trusted application. - # skip_authorization do |resource_owner, client| - # client.superapp? or resource_owner.admin? - # end + skip_authorization do |resource_owner, client| + client.superapp? + end # WWW-Authenticate Realm (default "Doorkeeper"). # realm "Doorkeeper" |