without "reqToken()" api works ...

* should be still secure beause ctx.user has to be there or nothing will hapen
This commit is contained in:
6543 2019-10-29 16:27:44 +01:00
parent 1aced19838
commit 7c24ae37b8
No known key found for this signature in database
GPG key ID: A1CA74D27FD13271

View file

@ -689,9 +689,9 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Post("/stop", reqToken(), repo.StopIssueStopwatch)
})
m.Group("/subscriptions", func() {
m.Get("", reqToken(), bind(api.User{}), repo.GetIssueWatchers)
m.Put("/:user", reqToken(), repo.AddIssueSubscription)
m.Delete("/:user", reqToken(), repo.DelIssueSubscription)
m.Get("", bind(api.User{}), repo.GetIssueWatchers)
m.Put("/:user", repo.AddIssueSubscription)
m.Delete("/:user", repo.DelIssueSubscription)
})
})
}, mustEnableIssuesOrPulls)