From f1a64b059d430cd2e334e297c43ae8053104ab05 Mon Sep 17 00:00:00 2001
From: mrw1593 <botahamec@outlook.com>
Date: Mon, 29 May 2023 17:18:39 -0400
Subject: Optional authorization

---
 src/api/oauth.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/api')

diff --git a/src/api/oauth.rs b/src/api/oauth.rs
index a563ac8..d77695e 100644
--- a/src/api/oauth.rs
+++ b/src/api/oauth.rs
@@ -67,14 +67,16 @@ struct TokenRequest {
 	#[serde(flatten)]
 	grant_type: GrantType,
 	scope: String, // TODO lol no
+	               // TODO support optional client credentials in here
 }
 
 #[post("/token")]
 async fn token(
 	db: web::Data<MySqlPool>,
 	req: web::Form<TokenRequest>,
-	authorization: web::Header<authorization::BasicAuthorization>, // TODO make this optional
+	authorization: Option<web::Header<authorization::BasicAuthorization>>,
 ) -> HttpResponse {
+	// TODO protect against brute force attacks
 	todo!()
 }
 
-- 
cgit v1.2.3