API should follow RequireSignInView (#8654)
This commit is contained in:
parent
bd7709a602
commit
3c63c3ace4
1 changed files with 8 additions and 1 deletions
|
@ -862,7 +862,7 @@ func RegisterRoutes(m *macaron.Macaron) {
|
|||
m.Group("/topics", func() {
|
||||
m.Get("/search", repo.TopicSearch)
|
||||
})
|
||||
}, securityHeaders(), context.APIContexter(), sudo())
|
||||
}, securityHeaders(), reqTokenBySetting(), context.APIContexter(), sudo())
|
||||
}
|
||||
|
||||
func securityHeaders() macaron.Handler {
|
||||
|
@ -874,3 +874,10 @@ func securityHeaders() macaron.Handler {
|
|||
})
|
||||
}
|
||||
}
|
||||
|
||||
func reqTokenBySetting() macaron.Handler {
|
||||
if setting.Service.RequireSignInView {
|
||||
return reqToken()
|
||||
}
|
||||
return func(ctx *macaron.Context) {}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue