Merge pull request #138 from azul/feature/token-only-api-auth

Feature/token only api auth

3 files changed, 4 insertions, 3 deletions

diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb
index 1b994ca..90986e2 100644
--- a/users/app/controllers/v1/messages_controller.rb
+++ b/users/app/controllers/v1/messages_controller.rb
@@ -2,7 +2,7 @@ module V1
   class MessagesController < ApplicationController
 
     skip_before_filter :verify_authenticity_token
-    before_filter :authorize
+    before_filter :require_token
 
     respond_to :json
 
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index eb6c322..eae3a1e 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -2,6 +2,7 @@ module V1
   class SessionsController < ApplicationController
 
     skip_before_filter :verify_authenticity_token
+    before_filter :require_token, only: :destroy
 
     def new
       @session = Session.new
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 0903888..8897d01 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -3,8 +3,8 @@ module V1
 
     skip_before_filter :verify_authenticity_token
     before_filter :fetch_user, :only => [:update]
-    before_filter :authorize, :only => [:update]
-    before_filter :authorize_admin, :only => [:index]
+    before_filter :require_admin, :only => [:index]
+    before_filter :require_token, :only => [:update]
 
     respond_to :json