From 403cb858bee424aa3b35e450f44f56da1f020a09 Mon Sep 17 00:00:00 2001
From: Mikael Nordfeldth <mmn@hethane.se>
Date: Mon, 10 Nov 2014 11:43:08 +0100
Subject: [PATCH] Less verbose logic for checking api authentication

---
 lib/apiauthaction.php | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/lib/apiauthaction.php b/lib/apiauthaction.php
index 6415475f9f..ed03820daa 100644
--- a/lib/apiauthaction.php
+++ b/lib/apiauthaction.php
@@ -97,16 +97,12 @@ class ApiAuthAction extends ApiAction
         } else {
             $oauthReq = $this->getOAuthRequest();
 
-            if (!$oauthReq) {
-                if ($this->requiresAuth()) {
-                    $this->checkBasicAuthUser(true);
-                } else {
-                    // Check to see if a basic auth user is there even
-                    // if one's not required
-                    $this->checkBasicAuthUser(false);
-                }
-            } else {
+            if ($oauthReq instanceof OAuthRequest) {
                 $this->checkOAuthRequest($oauthReq);
+            } else {
+                // If not using OAuth, check if there is a basic auth
+                // and require it if the current action requires it.
+                $this->checkBasicAuthUser($this->requiresAuth());
             }
 
             // NOTE: Make sure we're scoped properly based on the auths!
-- 
2.39.5