Authenticate resource and skip authorization in initializers/doorkeeper

monterail · Sep 15, 2014 · 01b7bd9 · 01b7bd9
1 parent f81a96d
commit 01b7bd9
Showing 1 changed file with 5 additions and 7 deletions.
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
@@ -5,10 +5,7 @@
 
   # This block will be called to check whether the resource owner is authenticated or not.
   resource_owner_authenticator do
-    raise "Please configure doorkeeper resource_owner_authenticator block located in #{__FILE__}"
-    # Put your resource owner authentication logic here.
-    # Example implementation:
-    #   User.find_by_id(session[:user_id]) || redirect_to(new_user_session_url)
+    current_user || warden.authenticate!(scope: :user)
   end
 
   # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
@@ -61,7 +58,8 @@
   # Under some circumstances you might want to have applications auto-approved,
   # so that the user skips the authorization step.
   # For example if dealing with trusted a application.
-  # skip_authorization do |resource_owner, client|
-  #   client.superapp? or resource_owner.admin?
-  # end
+  skip_authorization do |resource_owner, client|
+    true
+  end
 end
+