7fa06ed55d
- Move the `Oauth2::AccessTokenValidationService` class to `AccessTokenValidationService`, since it is now being used for personal access token validation as well. - Each API endpoint declares the scopes it accepts (if any). Currently, the top level API module declares the `api` scope, and the `Users` API module declares the `read_user` scope (for GET requests). - Move the `find_user_by_private_token` from the API `Helpers` module to the `APIGuard` module, to avoid littering `Helpers` with more auth-related methods to support `find_user_by_private_token` |
||
---|---|---|
.. | ||
assets | ||
controllers | ||
finders | ||
helpers | ||
mailers | ||
models | ||
policies | ||
serializers | ||
services | ||
uploaders | ||
validators | ||
views | ||
workers |