aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-17 14:04:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use policies security for controlling access to bitpay api

Browse Source
This commit is contained in:
nicolas.dorier
2018-05-11 17:16:18 +09:00
parent 199db01eaf
commit 6f07849e1d
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
BTCPayServer/Controllers/InvoiceController.API.cs
View File

@@ -13,11 +13,14 @@ using BTCPayServer.Data;
using BTCPayServer.Services.Invoices;
using Microsoft.AspNetCore.Cors;
using BTCPayServer.Services.Stores;
using Microsoft.AspNetCore.Authorization;
using BTCPayServer.Security;
namespace BTCPayServer.Controllers
{
[EnableCors("BitpayAPI")]
[BitpayAPIConstraint]
[Authorize(Policies.CanUseStore.Key)]
public class InvoiceControllerAPI : Controller
{
private InvoiceController _InvoiceController;
@@ -43,6 +46,7 @@ namespace BTCPayServer.Controllers
[HttpGet]
[Route("invoices/{id}")]
[AllowAnonymous]
public async Task<DataWrapper<InvoiceResponse>> GetInvoice(string id, string token)
{
var invoice = await _InvoiceRepository.GetInvoice(null, id);