mirror of
https://github.com/glitch-soc/mastodon.git
synced 2025-01-13 11:13:05 -05:00
62c6e12fa5
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token.