airavata-courses / HogwartsRejects

Advance Distributed Systems Coursework: Weather Forecast Problem
MIT License

Possibility of session hijacking #34

Open rgrishigajra opened 4 years ago

rgrishigajra commented 4 years ago

As things stand right now, the list of jobs is tagged with image URLs, but another logged-in user can query the result for someone else's job if he gets the jobid somehow. Related to the issue at https://github.com/airavata-courses/HogwartsRejects/issues/13

vivekshresta commented 4 years ago

This is session hijacking. We can integrate JWT token authentication as an additional step in every request. The UserManagement microservice should handle this.
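A sketch of the check discussed in this thread, as an added example that is not code from this repository: the token is verified on every request, and the job lookup then also compares the job's owner with the token's subject, since a valid token for one user does not by itself stop that user from requesting another user's jobid. The HS256 shared secret, the `JOBS` table and all function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"   # assumption: HS256 key shared with the token issuer
JOBS = {                              # constructed sample data: jobid -> owner and result
    "job-1": {"owner": "alice", "image_url": "https://example.invalid/a.png"},
    "job-2": {"owner": "bob", "image_url": "https://example.invalid/b.png"},
}

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(user: str, ttl: int = 300) -> str:
    """Stand-in for the token a user-management service would issue at login."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps({"sub": user, "exp": int(time.time()) + ttl}).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def verify_token(token: str) -> str:
    """Return the authenticated user name, or raise PermissionError."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64d(head))
        expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        # Pin the algorithm and compare signatures in constant time.
        if header.get("alg") != "HS256" or not hmac.compare_digest(expected, b64d(sig)):
            raise ValueError("bad signature or algorithm")
        claims = json.loads(b64d(body))
        if claims["exp"] < time.time():
            raise ValueError("expired")
        return claims["sub"]
    except (ValueError, KeyError, TypeError, AttributeError) as exc:
        raise PermissionError(f"invalid token: {exc}") from None

def get_job_result(token: str, job_id: str) -> dict:
    """Authenticate the caller, then authorize: only the job's owner may read it."""
    user = verify_token(token)
    job = JOBS.get(job_id)
    # Same error for "missing" and "not yours" so jobids cannot be probed.
    if job is None or job["owner"] != user:
        raise PermissionError("job not found for this user")
    return job
```
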