API should follow RequireSignInView (#8654) (#8661)

This commit is contained in:
Lunny Xiao 2019-10-24 14:57:24 +08:00 committed by GitHub
parent 63c54f7e1f
commit ffff835b73
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -845,7 +845,7 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Group("/topics", func() {
m.Get("/search", repo.TopicSearch)
})
}, securityHeaders(), context.APIContexter(), sudo())
}, securityHeaders(), reqTokenBySetting(), context.APIContexter(), sudo())
}
func securityHeaders() macaron.Handler {
@ -857,3 +857,10 @@ func securityHeaders() macaron.Handler {
})
}
}
func reqTokenBySetting() macaron.Handler {
if setting.Service.RequireSignInView {
return reqToken()
}
return func(ctx *macaron.Context) {}
}