diff --git a/api/server.go b/api/server.go index 716467e6..e29a0dc2 100644 --- a/api/server.go +++ b/api/server.go @@ -535,18 +535,18 @@ func NewApiServer(config config.Config) *ApiServer { // Developer Apps g.Get("/developer_apps/:address", app.v1DeveloperApps) g.Get("/developer-apps/:address", app.v1DeveloperApps) - g.Post("/developer_apps", app.postV1UsersDeveloperApp) - g.Post("/developer-apps", app.postV1UsersDeveloperApp) - g.Put("/developer_apps/:address", app.putV1UsersDeveloperApp) - g.Put("/developer-apps/:address", app.putV1UsersDeveloperApp) - g.Delete("/developer_apps/:address", app.deleteV1UsersDeveloperApp) - g.Delete("/developer-apps/:address", app.deleteV1UsersDeveloperApp) - g.Post("/developer_apps/:address/access-keys/deactivate", app.postV1UsersDeveloperAppAccessKeyDeactivate) - g.Post("/developer-apps/:address/access-keys/deactivate", app.postV1UsersDeveloperAppAccessKeyDeactivate) + g.Post("/developer_apps", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperApp) + g.Post("/developer-apps", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperApp) + g.Put("/developer_apps/:address", app.requireAuthMiddleware, app.requireWriteScope, app.putV1UsersDeveloperApp) + g.Put("/developer-apps/:address", app.requireAuthMiddleware, app.requireWriteScope, app.putV1UsersDeveloperApp) + g.Delete("/developer_apps/:address", app.requireAuthMiddleware, app.requireWriteScope, app.deleteV1UsersDeveloperApp) + g.Delete("/developer-apps/:address", app.requireAuthMiddleware, app.requireWriteScope, app.deleteV1UsersDeveloperApp) + g.Post("/developer_apps/:address/access-keys/deactivate", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperAppAccessKeyDeactivate) + g.Post("/developer-apps/:address/access-keys/deactivate", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperAppAccessKeyDeactivate) g.Post("/developer_apps/:address/register-api-key", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperAppRegisterApiKey) g.Post("/developer-apps/:address/register-api-key", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperAppRegisterApiKey) - g.Post("/developer_apps/:address/access-keys", app.postV1UsersDeveloperAppAccessKey) - g.Post("/developer-apps/:address/access-keys", app.postV1UsersDeveloperAppAccessKey) + g.Post("/developer_apps/:address/access-keys", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperAppAccessKey) + g.Post("/developer-apps/:address/access-keys", app.requireAuthMiddleware, app.requireWriteScope, app.postV1UsersDeveloperAppAccessKey) // OAuth2 PKCE g.Get("/oauth/authorize", app.v1OAuthAuthorizeRedirect)