dcramer
commented
2 years ago This likely also fixes avatars in emails due to the auth change
Closed dcramer closed 2 years ago
dcramer
commented
2 years ago This likely also fixes avatars in emails due to the auth change
This adds support for full application-enforced authentication, with optional IAP headers. Some UX will not be great yet (e.g. the 401 page is useless).
It adds tests for all existing routes that require auth, as well as pages requiring admin.
Pages which are allowed without auth are:
Contains a set of test utilities to easily assert on auth requirements, as well as helpers to mock identities.