Restrict access to oauth/applications to admins only

This commit is contained in:
Eugen Rochko 2016-10-23 12:08:52 +02:00
parent b746a931a5
commit 720d1f8f3d

View file

@ -15,7 +15,7 @@ Doorkeeper.configure do
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
admin_authenticator do
current_user || redirect_to(new_user_session_url)
(current_user && current_user.admin?) || redirect_to(new_user_session_url)
end
# Authorization Code expiration time (default 10 minutes).