2
0
mirror of https://github.com/jfmcbrayer/brutaldon synced 2024-12-23 05:43:41 +01:00

Also only ask for specific scopes on login, not just client creation

This commit is contained in:
Jason McBrayer 2018-08-27 10:53:35 -04:00
parent a3db39988d
commit 73f8ded761

View File

@ -214,7 +214,8 @@ def oauth_callback(request):
api_base_url=request.session['instance'])
redirect_uri = request.build_absolute_uri(reverse('oauth_callback'))
access_token = mastodon.log_in(code=code,
redirect_uri=redirect_uri)
redirect_uri=redirect_uri,
scopes=['read', 'write', 'follow'])
request.session['access_token'] = access_token
user = mastodon.account_verify_credentials()
request.session['user'] = user
@ -267,7 +268,8 @@ def old_login(request):
client = client)
try:
access_token = mastodon.log_in(username,
password)
password,
scopes=['read', 'write', 'follow'])
account.access_token = access_token
account.save()
request.session['username'] = username