This starts the path toward #1069 by adding an environment variable ALLOW_PUBLIC_VIEW that determines whether you need to be logged in to have view permissions on API routes. For now, it defaults to false, but once we are comfortable that it's safe, we'll switch the default to true.
This starts the path toward #1069 by adding an environment variable
ALLOW_PUBLIC_VIEW
that determines whether you need to be logged in to haveview
permissions on API routes. For now, it defaults to false, but once we are comfortable that it's safe, we'll switch the default to true.