Closed tsa96 closed 6 months ago
Endpoint | Public |
---|---|
auth/web | FALSE |
auth/web/return | FALSE |
auth/game | FALSE |
auth/refresh | FALSE |
auth/revoke | FALSE |
users | TRUE |
users/{userID} | TRUE |
users/{userID}/profile | TRUE |
users/{userID}/activities | TRUE |
users/{userID}/followers | TRUE |
users/{userID}/follows | TRUE |
users/{userID}/credits | TRUE |
runs | TRUE |
runs/{id} | TRUE |
maps | TRUE |
maps/{mapID} | TRUE |
maps/submissions | FALSE |
maps/{mapID}/testInvite | FALSE |
maps/{mapID}/testInviteResponse | FALSE |
maps/{mapID}/credits | If Approved/PT |
maps/{mapID}/credits/{userID} | If Approved/PT |
maps/{mapID}/info | If Approved/PT |
maps/{mapID}/zones | If Approved/PT |
maps/{mapID}/images | If Approved/PT |
maps/{mapID}/leaderboard | If Approved/PT |
maps/{mapID}/leaderboard/run | If Approved/PT |
maps/{mapID}/leaderboardStats | If Approved/PT |
maps/{mapID}/reviews | If Approved/PT |
session/run | FALSE |
session/run/{sessionID} | FALSE |
session/run/{sessionID}/end | FALSE |
admin/users | FALSE |
admin/users/merge | FALSE |
admin/users/{userID} | FALSE |
admin/maps | FALSE |
admin/maps/submissions | FALSE |
admin/maps/{mapID} | FALSE |
admin/reports | FALSE |
admin/reports/{reportID} | FALSE |
admin/map-review/{reviewID} | FALSE |
admin/activities | FALSE |
admin/activities/{userID} | FALSE |
map-review/{reviewID} | TRUE |
map-review/{reviewID}/comments | TRUE |
map-review/comments/{commentID} | FALSE |
activities | Osplo working on it, ignore |
reports | FALSE |
user | FALSE |
user/profile | FALSE |
user/follow/{userID} | FALSE |
user/notifyMap/{mapID} | FALSE |
user/activities | FALSE |
user/activities/followed | FALSE |
user/notifications | FALSE |
user/notifications/{notificationID} | FALSE |
user/maps/library | FALSE |
user/maps/library/{mapID} | FALSE |
user/maps/favorites | FALSE |
user/maps/favorites/{mapID} | FALSE |
user/maps/submitted | FALSE |
user/maps/submitted/summary | FALSE |
We get requested to add this basically every time the dashboard gets brought up. Now that the repo is in a much more organised state overall, and we have a much clearer authentication workflow, this should be pretty easy.
This isn't a complete spec, I'll add more in the future, just want to get something simple tracked now so I can reference in other places.
Frontend
LocalUserService
andAuthService
so it cleanly handles not having an active JWT or user account in thelocalUserSubject
field.LoggedInGuard
guard that can protect any routes that don't make sense to view if you don't have a login - I can provide a full list of these if needed.429 - Too many requests
by sending a toast to users saying something like "You are being rate limited! Please sign in to increase your request capacity.".ORDER BY
s that don't have much indexing to help them.Backend
@LoggedInUser
decorator to handle cases where the JWT is missing - would sure be nice to haveenableStrictNullChecks
on by this point...If anyone wants to pick this up, definitely get in touch with me on Discord. This is a big change and I'm only providing loose details here, we'll want to write up something more precise in the future, probably after 0.10.0's release.