API Actions will decide whether something requires auth or a redirect.
if (!$user && common_config('site', 'private')
&& !isLoginAction($action)
&& !preg_match('/rss$/', $action)
if (!$user && common_config('site', 'private')
&& !isLoginAction($action)
&& !preg_match('/rss$/', $action)
+ && !preg_match('/^Api/', $action)
) {
common_redirect(common_local_url('login'));
return;
) {
common_redirect(common_local_url('login'));
return;