authorize: check scope when granting by default
This commit is contained in:
parent
a5e1465c28
commit
fa7912621d
1 changed files with 1 additions and 0 deletions
|
@ -124,6 +124,7 @@ def authorize():
|
|||
if Token.query.filter(
|
||||
Token.client_id == grant.client.client_id,
|
||||
Token.user_id == current_user.get_user_id(),
|
||||
Token.scope == grant.request.scope,
|
||||
).count():
|
||||
# User has unrevoked token already - grant by default
|
||||
return authorization.create_authorization_response(grant_user=current_user)
|
||||
|
|
Loading…
Reference in a new issue