summaryrefslogtreecommitdiff
path: root/users/app/controllers/v1
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2014-02-10 10:27:52 -0800
committerjessib <jessib@riseup.net>2014-02-10 10:27:52 -0800
commitb6ef51277b4e6d65cfda15f0124ae4f222f7f241 (patch)
treeda7eb2d3a3a648be0be519aae23f997f248ba320 /users/app/controllers/v1
parentbcdde2f6bfb4ed3a1535bd2e50ab47529a9141e2 (diff)
parentb4719619aabbe9ebf74563b62e1eb8e4fb248c21 (diff)
Merge pull request #138 from azul/feature/token-only-api-auth
Feature/token only api auth
Diffstat (limited to 'users/app/controllers/v1')
-rw-r--r--users/app/controllers/v1/messages_controller.rb2
-rw-r--r--users/app/controllers/v1/sessions_controller.rb1
-rw-r--r--users/app/controllers/v1/users_controller.rb4
3 files changed, 4 insertions, 3 deletions
diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb
index 1b994ca..90986e2 100644
--- a/users/app/controllers/v1/messages_controller.rb
+++ b/users/app/controllers/v1/messages_controller.rb
@@ -2,7 +2,7 @@ module V1
class MessagesController < ApplicationController
skip_before_filter :verify_authenticity_token
- before_filter :authorize
+ before_filter :require_token
respond_to :json
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index eb6c322..eae3a1e 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -2,6 +2,7 @@ module V1
class SessionsController < ApplicationController
skip_before_filter :verify_authenticity_token
+ before_filter :require_token, only: :destroy
def new
@session = Session.new
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 0903888..8897d01 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -3,8 +3,8 @@ module V1
skip_before_filter :verify_authenticity_token
before_filter :fetch_user, :only => [:update]
- before_filter :authorize, :only => [:update]
- before_filter :authorize_admin, :only => [:index]
+ before_filter :require_admin, :only => [:index]
+ before_filter :require_token, :only => [:update]
respond_to :json