Describe the bug
Creating an API key from a non-admin user, still allows the non-admin user to check out/in as any other user.
To Reproduce
Create a user with limited access rights on the server, but allow them to create API keys. Link the API key to the app without modifying PHP (as it only makes sense that an admin would do that).
Expected behavior
API key should only allow the user to check-out/in using their own username.
Smartphone (please complete the following information):
Device: NOKIA XR20
OS: Android 13
Additional context
Alternative suggestions: have a login for user.
Describe the bug Creating an API key from a non-admin user, still allows the non-admin user to check out/in as any other user.
To Reproduce Create a user with limited access rights on the server, but allow them to create API keys. Link the API key to the app without modifying PHP (as it only makes sense that an admin would do that).
Expected behavior API key should only allow the user to check-out/in using their own username.
Smartphone (please complete the following information):
Additional context Alternative suggestions: have a login for user.