Authorization middleware #10
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#10
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Centralize the rule: every endpoint except
/api/healthand the auth callbacks requires a valid session.Scope
/api/healthand the auth callback routes through unauthenticated./api/*route returns 401.Acceptance criteria
/api/anything-elsereturns 401./api/healthreturns 200.Part of epic #1. Depends on #7.