Less verbose logic for checking api authentication

2014-11-10 11:43:08 +01:00 · 2014-11-10 11:43:08 +01:00 · 403cb858be
commit 403cb858be
parent 6f5086fc52
1 changed files with 5 additions and 9 deletions
--- a/lib/apiauthaction.php
+++ b/lib/apiauthaction.php
@ -97,16 +97,12 @@ class ApiAuthAction extends ApiAction
        } else {
            $oauthReq = $this->getOAuthRequest();

-            if (!$oauthReq) {
-                if ($this->requiresAuth()) {
-                    $this->checkBasicAuthUser(true);
-                } else {
-                    // Check to see if a basic auth user is there even
-                    // if one's not required
-                    $this->checkBasicAuthUser(false);
-                }
-            } else {
+            if ($oauthReq instanceof OAuthRequest) {
                $this->checkOAuthRequest($oauthReq);
+            } else {
+                // If not using OAuth, check if there is a basic auth
+                // and require it if the current action requires it.
+                $this->checkBasicAuthUser($this->requiresAuth());
            }

            // NOTE: Make sure we're scoped properly based on the auths!