BigW Consortium Gitlab

  1. 16 Dec, 2016 1 commit
    • Calls to the API are checked for scope. · 7fa06ed5
      Timothy Andrew authored
      - Move the `Oauth2::AccessTokenValidationService` class to
        `AccessTokenValidationService`, since it is now being used for
        personal access token validation as well.
      
      - Each API endpoint declares the scopes it accepts (if any). Currently,
        the top level API module declares the `api` scope, and the `Users` API
        module declares the `read_user` scope (for GET requests).
      
      - Move the `find_user_by_private_token` from the API `Helpers` module to
        the `APIGuard` module, to avoid littering `Helpers` with more
        auth-related methods to support `find_user_by_private_token`
  2. 01 Jul, 2016 1 commit
  3. 27 Jun, 2016 1 commit
  4. 22 Jun, 2015 1 commit
  5. 12 Feb, 2015 1 commit
  6. 24 Dec, 2014 1 commit