From 9dcc82ead89b5ccf1f9b11849552003c11bceb93 Mon Sep 17 00:00:00 2001
From: Aaron Liu <abslant.liu@gmail.com>
Date: Thu, 5 Feb 2026 19:16:13 +0800
Subject: [PATCH] fix(router): login consent should be for authenticated
 audience only

---
 assets            | 2 +-
 routers/router.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/assets b/assets
index b900a868..21a98194 160000
--- a/assets
+++ b/assets
@@ -1 +1 @@
-Subproject commit b900a868aa9ab09df7876feb6ac2de40b3be23ae
+Subproject commit 21a98194339c89e375ac7e34fdb93d4aa0d213ef
diff --git a/routers/router.go b/routers/router.go
index cf364b80..45bdec91 100644
--- a/routers/router.go
+++ b/routers/router.go
@@ -326,7 +326,7 @@ func initMasterRouter(dep dependency.Dep) *gin.Engine {
 					controllers.GetAppRegistration,
 				)
 				oauthRouter.POST("consent",
-					middleware.Logging(),
+					middleware.LoginRequired(),
 					controllers.FromJSON[oauth.GrantService](oauth.GrantParamCtx{}),
 					controllers.GrantAppConsent,
 				)