Fix #3462 - Require authentication for search API (#4155)

This makes it consistent with /api/v1/accounts/search and previous behaviour has been an oversight.
2017-07-11 17:08:26 +02:00
parent e19eefe219
commit f93de3a516
1 changed files with 3 additions and 0 deletions
--- a/app/controllers/api/v1/search_controller.rb
+++ b/app/controllers/api/v1/search_controller.rb
@ -3,6 +3,9 @@
 class Api::V1::SearchController < Api::BaseController
  RESULTS_LIMIT = 5

+  before_action -> { doorkeeper_authorize! :read }
+  before_action :require_user!
+
  respond_to :json

  def index