diff options
| author | Unknwon <u@gogs.io> | 2015-07-15 19:17:57 +0800 |
|---|---|---|
| committer | Unknwon <u@gogs.io> | 2015-07-15 19:17:57 +0800 |
| commit | ff051e2106bb44203736934547a7a2c501b1a784 (patch) | |
| tree | d5701892a22535ed546355a3b378aee40722660d /modules/auth/auth.go | |
| parent | 71b9a87fe15ea8da24301f25aa706b148fd3b940 (diff) | |
#1128: API calls are not hidden behind sign in
Diffstat (limited to 'modules/auth/auth.go')
| -rw-r--r-- | modules/auth/auth.go | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/modules/auth/auth.go b/modules/auth/auth.go index edcb1306..42346430 100644 --- a/modules/auth/auth.go +++ b/modules/auth/auth.go @@ -21,6 +21,10 @@ import ( "github.com/gogits/gogs/modules/uuid" ) +func IsAPIPath(url string) bool { + return strings.HasPrefix(url, "/api/") +} + // SignedInId returns the id of signed in user. func SignedInId(req *http.Request, sess session.Store) int64 { if !models.HasEngine { @@ -28,7 +32,7 @@ func SignedInId(req *http.Request, sess session.Store) int64 { } // API calls need to check access token. - if strings.HasPrefix(req.URL.Path, "/api/") { + if IsAPIPath(req.URL.Path) { auHead := req.Header.Get("Authorization") if len(auHead) > 0 { auths := strings.Fields(auHead) |