cthit / hubbIT-old

Former WhoIsInTheHub
https://hubbit.chalmers.it
MIT License
2 stars 9 forks

sessions.json doesn't require authentication, discloses hubbIT data openly #147

Closed abjugard closed 7 years ago

abjugard commented 7 years ago

As the title says, the route sessions.json does not require authentication at the moment. I don't know how we've missed this, but it's a serious oversight and needs to be fixed immediately.

Kalior commented 7 years ago

I believe this is by design? @lindskogen

abjugard commented 7 years ago

Then why is the sessions route protected? Seems like a bug. In any case it is undesired behaviour.

I mean, I'm fine with other IT students participating in the program knowing whether I am in Hubben, but I don't want that information available openly on the internet.

lindskogen commented 7 years ago

It's a feature!™