mlabs-haskell / nft-marketplace-server


Protect image upload endpoint with auth token #20

Closed nrutledge closed 2 years ago

nrutledge commented 2 years ago

Currently, the POST /images endpoint allows anyone to upload images without any authentication or other restrictions in place. This is extremely vulnerable to abuse (e.g., DDoS attacks).

As a quick solution, we should make this an admin endpoint protected by the auth token (since we won't be allowing end users to mint initially anyway).
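
One way to gate the endpoint as proposed above, shown as an added example that is not part of the original issue or the project's code. It assumes the server is a WAI application, that the token arrives as `Authorization: Bearer <token>`, and that it is configured through a hypothetical `ADMIN_TOKEN` environment variable; `requireAdminToken` and `demoApp` are illustrative names.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main, requireAdminToken) where

import qualified Data.ByteArray as BA            -- package "memory": constant-time compare
import qualified Data.ByteString as BS
import qualified Data.ByteString.Char8 as BC
import qualified Data.Text as T
import Network.HTTP.Types (hAuthorization, hContentType, methodPost, status200, status401)
import Network.Wai (Application, Middleware, pathInfo, requestHeaders, requestMethod, responseLBS)
import Network.Wai.Handler.Warp (run)
import System.Environment (lookupEnv)
import System.Exit (die)

-- | Reject POST /images unless the request carries the expected admin token.
-- Every other route passes through untouched.
requireAdminToken :: BS.ByteString -> Middleware
requireAdminToken expected app req respond
  | isImageUpload && not authorized = respond unauthorized
  | otherwise                       = app req respond
  where
    -- Drop empty segments so "/images/" is gated the same way as "/images".
    segments      = filter (not . T.null) (pathInfo req)
    isImageUpload = requestMethod req == methodPost && segments == ["images"]
    -- Header scheme is an assumption; the issue only says "auth token".
    presented     = lookup hAuthorization (requestHeaders req) >>= BS.stripPrefix "Bearer "
    -- Fail closed on an empty configured token; constEq avoids a timing
    -- side channel on the token bytes (length is still observable).
    authorized    = not (BS.null expected) && maybe False (BA.constEq expected) presented
    unauthorized  = responseLBS status401
                      [(hContentType, "text/plain"), ("WWW-Authenticate", "Bearer")]
                      "admin token required\n"

-- Stand-in for the real application (hypothetical).
demoApp :: Application
demoApp _ respond = respond (responseLBS status200 [(hContentType, "text/plain")] "ok\n")

main :: IO ()
main = do
  -- ADMIN_TOKEN is a hypothetical variable name; refuse to start without it.
  mToken <- lookupEnv "ADMIN_TOKEN"
  case mToken of
    Just t | not (null t) -> run 8080 (requireAdminToken (BC.pack t) demoApp)
    _                     -> die "ADMIN_TOKEN must be set to a non-empty value"
```

Token auth only closes the unauthenticated path; the "other restrictions" the issue mentions, such as a request body size limit, would still need their own check.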