[openstreetmap/openstreetmap-website] Do not ask for application OAuth permissions repeatedly (#1455)

Ilya Zverev notifications at github.com
Wed Feb 22 17:14:16 UTC 2017


> So what you're saying is that the flow would be that you get a new request token, then when you go to /authorize it would somehow find and return the existing access token rather than creating a new one? The problem with that is that /authorize is implemented by the oauth-plugin gem, not by us.

No, it should find the last granted token, and if found, use permissions from it for creating a new token. And we already override the `oauth1_authorize` that processes the request: this is a matter of adding an `else` block to the `if request.post?` clause.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/1455#issuecomment-281736003
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20170222/8aac6eea/attachment-0001.html>


More information about the rails-dev mailing list