Login route && Auth.
bradcypert opened this issue · comments
Brad commented
/login
needs to return an auth token.
The auth token can be passed in on subsequent requests and will be checked to be a valid user.
This needs to be checked on any data creation and any sensitive data.
All POST
, PATCH
, DELETE
and PUT
requests need to be wrapped in this check.