From 2ca410d92e8dba22dc60abc98378b779ec20fcd5 Mon Sep 17 00:00:00 2001
From: Hillel Coren <hillelcoren@gmail.com>
Date: Sun, 5 Mar 2017 12:29:28 +0200
Subject: [PATCH] Allow ping with api_secret or account token

---
 app/Http/Middleware/ApiCheck.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/Http/Middleware/ApiCheck.php b/app/Http/Middleware/ApiCheck.php
index 0d1c74088945..80554c977acc 100644
--- a/app/Http/Middleware/ApiCheck.php
+++ b/app/Http/Middleware/ApiCheck.php
@@ -28,7 +28,6 @@ class ApiCheck
     {
         $loggingIn = $request->is('api/v1/login')
             || $request->is('api/v1/register')
-            || $request->is('api/v1/ping')
             || $request->is('api/v1/oauth_login');
 
         $headers = Utils::getApiHeaders();
@@ -55,6 +54,8 @@ class ApiCheck
             if ($token && $token->user) {
                 Auth::onceUsingId($token->user_id);
                 Session::set('token_id', $token->id);
+            } elseif ($hasApiSecret && $request->is('api/v1/ping')) {
+                // do nothing: allow ping with api_secret or account token
             } else {
                 sleep(ERROR_DELAY);
                 $error['error'] = ['message' => 'Invalid token'];