Closed abjugard closed 7 years ago
I believe this is by design? @lindskogen
Then why is the sessions route protected? Seems like a bug. In any case it is undesired behaviour.
I mean, I'm fine with other IT students participating in the program knowing whether I am in Hubben, but I don't want that information available openly on the internet.
It's a feature!™
As the title says, the route sessions.json does not require authentication at the moment, I don't know how we've missed this, but it's a serious oversight and needs to be fixed immediately.