From eb720241da3d786c6ec79f2325277fa4af23846f Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Wed, 26 Feb 2025 13:04:55 +0100
Subject: [feature] Enforce OAuth token scopes (#3835)

* move tokenauth to apiutil

* enforce scopes

* docs

* update test models, remove deprecated "follow"

* file header

* tests

* tweak scope matcher

* simplify...

* fix tests

* log user out of settings panel in case of oauth error
---
 web/source/settings/components/authorization/login.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'web/source/settings/components/authorization/login.tsx')

diff --git a/web/source/settings/components/authorization/login.tsx b/web/source/settings/components/authorization/login.tsx
index 870e9c343..28ed7953c 100644
--- a/web/source/settings/components/authorization/login.tsx
+++ b/web/source/settings/components/authorization/login.tsx
@@ -31,7 +31,7 @@ export default function Login({ }) {
 		instance: useTextInput("instance", {
 			defaultValue: window.location.origin
 		}),
-		scopes: useValue("scopes", "user admin"),
+		scopes: useValue("scopes", "read write admin"),
 	};
 
 	const [formSubmit, result] = useFormSubmit(form, useAuthorizeFlowMutation(), { 
-- 
cgit v1.2.3