Closed lebe1 closed 10 months ago
This should actually work like Adds handler for vendor overview with the route /me/
without an id. So i can only get my own data. The keycloak userinfo should include the email, that is then used for searching the vendor.
This should actually work like
Adds handler for vendor overview with the route /me/
without an id. So i can only get my own data. The keycloak userinfo should include the email, that is then used for searching the vendor.
Okay there is some gap that I still do not understand about keycloak providing us specific information but if you say all I should is removing the /{id}/ part I will do this and merge it @nanu-c ?
Type of change
Description
IMPORTANT TO KNOW
CHANGES
/me/{id}
TODO
I think need one more check in our
VendorsAuthMiddleware
that the Email of our vendor matches with the one on keycloak. If we won't implement it, I assume anyone can log into someone else's account, right @nanu-c ?Checklist: