Upgrade to 3.7.1

kirby/config/api/authentication.php

@@ -3,25 +3,25 @@
 use Kirby\Exception\PermissionException;
 
 return function () {
-    $auth               = $this->kirby()->auth();
-    $allowImpersonation = $this->kirby()->option('api.allowImpersonation') ?? false;
+	$auth               = $this->kirby()->auth();
+	$allowImpersonation = $this->kirby()->option('api.allowImpersonation') ?? false;
 
-    // csrf token check
-    if (
-        $auth->type($allowImpersonation) === 'session' &&
-        $auth->csrf() === false
-    ) {
-        throw new PermissionException('Unauthenticated');
-    }
+	// csrf token check
+	if (
+		$auth->type($allowImpersonation) === 'session' &&
+		$auth->csrf() === false
+	) {
+		throw new PermissionException('Unauthenticated');
+	}
 
-    // get user from session or basic auth
-    if ($user = $auth->user(null, $allowImpersonation)) {
-        if ($user->role()->permissions()->for('access', 'panel') === false) {
-            throw new PermissionException(['key' => 'access.panel']);
-        }
+	// get user from session or basic auth
+	if ($user = $auth->user(null, $allowImpersonation)) {
+		if ($user->role()->permissions()->for('access', 'panel') === false) {
+			throw new PermissionException(['key' => 'access.panel']);
+		}
 
-        return $user;
-    }
+		return $user;
+	}
 
-    throw new PermissionException('Unauthenticated');
+	throw new PermissionException('Unauthenticated');
 };