From 2b30e0060ba28dda9be8f85f2198d8daee9e153a Mon Sep 17 00:00:00 2001
From: =?utf8?q?David=20=E2=80=98Bombe=E2=80=99=20Roden?=
 <bombe@pterodactylus.net>
Date: Fri, 14 Jan 2011 21:50:31 +0100
Subject: [PATCH] Require a login.

---
 .../java/net/pterodactylus/sone/web/ajax/JsonPage.java    | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
index 605afaf..8d48bce 100644
--- a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
+++ b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
@@ -137,6 +137,16 @@ public abstract class JsonPage implements Page {
 		return true;
 	}
 
+	/**
+	 * Returns whether this page requires the user to be logged in.
+	 *
+	 * @return {@code true} if the user needs to be logged in to use this page,
+	 *         {@code false} otherwise
+	 */
+	protected boolean requiresLogin() {
+		return true;
+	}
+
 	//
 	// PROTECTED METHODS
 	//
@@ -184,6 +194,11 @@ public abstract class JsonPage implements Page {
 				return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
 			}
 		}
+		if (requiresLogin()) {
+			if (getCurrentSone(request.getToadletContext(), false) == null) {
+				return new Response(401, "Not authorized", "application/json", JsonUtils.format(createErrorJsonObject("auth-required")));
+			}
+		}
 		JsonObject jsonObject = createJsonObject(request);
 		return new Response(200, "OK", "application/json", JsonUtils.format(jsonObject));
 	}
-- 
2.7.4