From 52ce1e26602beffa8d8d38049702797c6907d896 Mon Sep 17 00:00:00 2001
From: Adhityaa Chandrasekar <adtac@adtac.in>
Date: Mon, 18 Feb 2019 11:07:16 -0500
Subject: [PATCH] comment_new.go: enforce RequireIdentification when anonymous

Yikes, I can't believe I forgot about this.
---
 api/comment_new.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/api/comment_new.go b/api/comment_new.go
index e0e5192..57cf54d 100644
--- a/api/comment_new.go
+++ b/api/comment_new.go
@@ -77,6 +77,11 @@ func commentNewHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if d.RequireIdentification && *x.CommenterToken == "anonymous" {
+		bodyMarshal(w, response{"success": false, "message": errorNotAuthorised.Error()})
+		return
+	}
+
 	// logic: (empty column indicates the value doesn't matter)
 	// | anonymous | moderator | requireIdentification | requireModeration | moderateAllAnonymous | approved? |
 	// |-----------+-----------+-----------------------+-------------------+----------------------+-----------|