Adds a couple of policies that can be used on endpoint authorization. There needs to be checks in the handler if the participant id is the same as the request id and if so do some kind of work. Otherwise anyone could delete and move users.
All other authorization should be implemented in the handlers.
Adds a couple of policies that can be used on endpoint authorization. There needs to be checks in the handler if the participant id is the same as the request id and if so do some kind of work. Otherwise anyone could delete and move users.
All other authorization should be implemented in the handlers.
See Fast Endpoints Authorization for more information.
Closes #27