From b33b22e0b3bbda34ae7039a76feebce2749be825 Mon Sep 17 00:00:00 2001 From: James Cole Date: Fri, 24 Apr 2026 05:37:55 +0200 Subject: [PATCH] Let's add some authentication before I am drowned in reports. --- app/Http/Controllers/Profile/OAuthController.php | 3 +++ routes/web.php | 1 + 2 files changed, 4 insertions(+) diff --git a/app/Http/Controllers/Profile/OAuthController.php b/app/Http/Controllers/Profile/OAuthController.php index fb223f8164..bc0190f98b 100644 --- a/app/Http/Controllers/Profile/OAuthController.php +++ b/app/Http/Controllers/Profile/OAuthController.php @@ -115,6 +115,9 @@ final class OAuthController extends Controller public function listClients(): JsonResponse { + if(!auth()->check()) { + return response()->json([]); + } Log::debug('Now in listClients()'); // Retrieving all the OAuth app clients that belong to the user... $clients = auth()->user()->oauthApps()->where('revoked', false)->get(); diff --git a/routes/web.php b/routes/web.php index be828f9756..2ec4e8e025 100644 --- a/routes/web.php +++ b/routes/web.php @@ -34,6 +34,7 @@ Route::group( [ 'as' => 'passport.', 'prefix' => 'oauth', + 'middleware' => ['user-full-auth'] // 'namespace' => 'FireflyIII\Http\Controllers\OAuth', ], function (): void {