diff options
Diffstat (limited to 'src/api')
| -rw-r--r-- | src/api/oauth.rs | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/api/oauth.rs b/src/api/oauth.rs index a563ac8..d77695e 100644 --- a/src/api/oauth.rs +++ b/src/api/oauth.rs @@ -67,14 +67,16 @@ struct TokenRequest { #[serde(flatten)] grant_type: GrantType, scope: String, // TODO lol no + // TODO support optional client credentials in here } #[post("/token")] async fn token( db: web::Data<MySqlPool>, req: web::Form<TokenRequest>, - authorization: web::Header<authorization::BasicAuthorization>, // TODO make this optional + authorization: Option<web::Header<authorization::BasicAuthorization>>, ) -> HttpResponse { + // TODO protect against brute force attacks todo!() } |