diff options
Diffstat (limited to 'actions/api.php')
| -rw-r--r-- | actions/api.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/actions/api.php b/actions/api.php index 21fe4eea3..c18d551b6 100644 --- a/actions/api.php +++ b/actions/api.php @@ -127,18 +127,20 @@ class ApiAction extends Action 'laconica/wadl'); static $bareauth = array('statuses/user_timeline', + 'statuses/friends_timeline', 'statuses/friends', + 'statuses/replies', 'statuses/followers', 'favorites/favorites'); - # If the site is "private", all API methods need authentication - + $fullname = "$this->api_action/$this->api_method"; + + // If the site is "private", all API methods except laconica/config + // need authentication if (common_config('site', 'private')) { - return true; + return $fullname != 'laconica/config' || false; } - $fullname = "$this->api_action/$this->api_method"; - if (in_array($fullname, $bareauth)) { # bareauth: only needs auth if without an argument if ($this->api_arg) { |