'statuses/show',
'help/test',
'help/downtime_schedule');
- if (in_array("$this->api_action/$this->api_method", $noauth)) {
+ static $bareauth = array('statuses/user_timeline');
+
+ # noauth: never needs auth
+ # bareauth: only needs auth if without an argument
+
+ $fullname = "$this->api_action/$this->api_method";
+
+ if (in_array($fullname, $bareauth) && !$this->api_arg) {
+ return true;
+ } if (in_array($fullname, $noauth)) {
return false;
- }
+ }
return true;
}
// Set the user to be the auth user if asked-for can't be found
// honestly! This is what Twitter does, I swear --Zach
$user = $apidata['user'];
-
- if (!$user) {
- # This header makes basic auth go
- header('WWW-Authenticate: Basic realm="Laconica API"');
- # if the user hits cancel -- bam!
- common_show_basic_auth_error();
- exit();
- }
}
$profile = $user->getProfile();
projects / quix0rs-gnu-social.git / commitdiff