diff options
author | Azul <azul@leap.se> | 2014-07-14 12:18:18 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2014-07-14 13:04:08 +0200 |
commit | b80be9832526ee956b3a73a634896c6cd8d2914e (patch) | |
tree | 3c8d4ebafd6a7d063fedaeb0d307667b05c05e74 /engines | |
parent | 3885308e9a2aa48f25313567525e375362253f47 (diff) |
ApiController with API style auth
require_login is require_token for the api controller
It also skips the verify_authenticity_token before filter.
So all Subclasses of the ApiController will only support token auth.
Also made the V1::UsersController a bit more strict. Now way for admins to alter other users through the api. We don't support that yet so let's not allow it either.
Diffstat (limited to 'engines')
0 files changed, 0 insertions, 0 deletions