Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting

to the API
2016-10-22 19:38:47 +02:00 · 2016-10-22 19:38:47 +02:00 · a9e40a3d80
commit a9e40a3d80
parent 17122df80d
26 changed files with 195 additions and 99 deletions
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@ -1,5 +1,7 @@
 class Api::V1::AccountsController < ApiController
-  before_action :doorkeeper_authorize!
+  before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock]
+  before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock]
+
  before_action :set_account, except: [:verify_credentials, :suggestions]
  respond_to    :json