AritDeveloperCircle / findyourpeople

MIT License
8 stars 0 forks source link

Guard Managers Route and Add Listing Route #97

Closed ibimina closed 1 year ago

ibimina commented 1 year ago

We need to enhance the security of our platform by implementing route guards for the managers' and community listing creation routes. Currently, the managers' routes are accessible without any authentication, which poses a security risk.

Acceptance Criteria:

msarit commented 1 year ago

@ibimina for security reasons, I think an unauthorized attempt should return 404; 403 signals that there is a resource there. @annonymousauthority what do you think? I defer to your counsel 😅

ibimina commented 1 year ago

Okay

annonymousauthority commented 1 year ago

Yup, to avoid possible attacks you don't want to be overly precise with the reports.