Less verbose logic for checking api authentication

This commit is contained in:
Mikael Nordfeldth 2014-11-10 11:43:08 +01:00
parent 6f5086fc52
commit 403cb858be

View File

@ -97,16 +97,12 @@ class ApiAuthAction extends ApiAction
} else { } else {
$oauthReq = $this->getOAuthRequest(); $oauthReq = $this->getOAuthRequest();
if (!$oauthReq) { if ($oauthReq instanceof OAuthRequest) {
if ($this->requiresAuth()) {
$this->checkBasicAuthUser(true);
} else {
// Check to see if a basic auth user is there even
// if one's not required
$this->checkBasicAuthUser(false);
}
} else {
$this->checkOAuthRequest($oauthReq); $this->checkOAuthRequest($oauthReq);
} else {
// If not using OAuth, check if there is a basic auth
// and require it if the current action requires it.
$this->checkBasicAuthUser($this->requiresAuth());
} }
// NOTE: Make sure we're scoped properly based on the auths! // NOTE: Make sure we're scoped properly based on the auths!