API should follow RequireSignInView (#8654)

2019-10-24 13:32:40 +08:00 · 2019-10-24 13:32:40 +08:00 · 3c63c3ace4
parent bd7709a602
commit 3c63c3ace4
1 changed files with 8 additions and 1 deletions
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@ -862,7 +862,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Group("/topics", func() {
 			m.Get("/search", repo.TopicSearch)
 		})
-	}, securityHeaders(), context.APIContexter(), sudo())
+	}, securityHeaders(), reqTokenBySetting(), context.APIContexter(), sudo())
 }

 func securityHeaders() macaron.Handler {
@ -874,3 +874,10 @@ func securityHeaders() macaron.Handler {
 		})
 	}
 }
+
+func reqTokenBySetting() macaron.Handler {
+	if setting.Service.RequireSignInView {
+		return reqToken()
+	}
+	return func(ctx *macaron.Context) {}
+}