mirror of
https://github.com/BookStackApp/BookStack.git
synced 2025-07-28 17:02:04 +03:00
Updated API auth handling of email confirmations
Email confirmations are now done within the guard during auth checking instead of at the middleware layer.
This commit is contained in:
@ -9,7 +9,6 @@ use Illuminate\Http\Request;
|
||||
|
||||
class ApiAuthenticate
|
||||
{
|
||||
use ChecksForEmailConfirmation;
|
||||
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
@ -37,7 +36,6 @@ class ApiAuthenticate
|
||||
// Return if the user is already found to be signed in via session-based auth.
|
||||
// This is to make it easy to browser the API via browser after just logging into the system.
|
||||
if (signedInUser() || session()->isStarted()) {
|
||||
$this->ensureEmailConfirmedIfRequested();
|
||||
if (!user()->can('access-api')) {
|
||||
throw new ApiAuthException(trans('errors.api_user_no_api_permission'), 403);
|
||||
}
|
||||
@ -50,7 +48,6 @@ class ApiAuthenticate
|
||||
|
||||
// Validate the token and it's users API access
|
||||
auth()->authenticate();
|
||||
$this->ensureEmailConfirmedIfRequested();
|
||||
}
|
||||
|
||||
/**
|
||||
|
Reference in New Issue
Block a user