Closed CSP02 closed 2 months ago
API isn't checking if the request has an authorization header. instead it is directly trying to get the token from the header. Gonna check if there is authorization header present in the request and then proceed to grab the token from it.
Added this in latest commit along with authorization middleware for protected routes.
API isn't checking if the request has an authorization header. instead it is directly trying to get the token from the header. Gonna check if there is authorization header present in the request and then proceed to grab the token from it.