Skuzzle-UK
commented
1 year ago Basic authentication token requirement added. Next on the agenda is to do database lookup for user / password. Password should not be stored but rather a hash should be stored preferably created using the Argon2id algorithm.
Require sign-up and authentication for access to API. We will need various levels of user:
Administrator, Consumer, etc
Users should have access to create/edit their own races, players etc and be able to share these to other users but they should not be able to edit/delete other users items or the original seed data.
This may be better split into separate tasks in the future