From 6ba7d4339106338427578bdf079984d8582ceab0 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Thu, 31 Mar 2022 00:04:04 -0600 Subject: [PATCH] Updaet PublicApiController, disable legacy public access to local timeline --- app/Http/Controllers/PublicApiController.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Http/Controllers/PublicApiController.php b/app/Http/Controllers/PublicApiController.php index 8026d7693..517e9d97b 100644 --- a/app/Http/Controllers/PublicApiController.php +++ b/app/Http/Controllers/PublicApiController.php @@ -293,8 +293,8 @@ class PublicApiController extends Controller 'limit' => 'nullable|integer|max:30' ]); - if(config('instance.timeline.local.is_public') == false && !Auth::check()) { - abort(403, 'Authentication required.'); + if(!$request->user()) { + return response('', 403); } $page = $request->input('page');