Closed dbarrosop closed 5 months ago
Latest commit: 0c2ff8b95cfcadd12d64ed49a59455715f92d2de
The changes in this PR will be included in the next version bump.
Not sure what this means? Click here to learn what changesets are.
Click here if you're a maintainer who wants to add another changeset to this PR
The idea is to provide
/elevate/webauthn
and/elevate/webauthn/verify
endpoints that work exactly like their/signin
equivalents with the following differences:X-Nhost-Auth-Elevated: user-uuid
The idea is to allow users to add an extra security step to allow performing certain operations. For instance, a user could:
X-Nhost-Auth-Elevated: user-uuid
to update/deleteBefore submitting this PR:
Checklist
Breaking changes
Avoid breaking changes and regressions. If you feel it is unavoidable, make it explicit in your PR comment so we can review it and see how to handle it.
Tests
make test
or themake watch
command).Documentation
Please make sure the documentation is updated accordingly, in particular: