[feature] Enforce OAuth token scopes (#3835)

* move tokenauth to apiutil * enforce scopes * docs * update test models, remove deprecated "follow" * file header * tests * tweak scope matcher * simplify... * fix tests * log user out of settings panel in case of oauth error
2025-10-30 23:02:25 -05:00 · 2025-02-26 13:04:55 +01:00 · 2025-02-26 13:04:55 +01:00 · eb720241da
commit eb720241da
parent f734a94c1c
213 changed files with 1762 additions and 1082 deletions
--- a/web/source/settings/components/authorization/index.tsx
+++ b/web/source/settings/components/authorization/index.tsx
@ -58,13 +58,9 @@ export function Authorization({ App }) {
 			</div>
 		);
 	} else if (error !== undefined) {
-		if ("status" in error && error.status === 401) {
-			// 401 unauthorized was received.
-			// That means the token or app we
-			// were using is no longer valid,
-			// so just log the user out.
-			logoutQuery(NoArg);
-		}
+		// Something went wrong,
+		// log the user out.
+		logoutQuery(NoArg);

 		content = (
 			<div>