niehusst
commented
3 months ago maybe this will just end up being implicitly locked rather than explicitly... the game play pages will do an auth-required fetch req that will 401, and on 401 resp, frontend can redirect to a login page
things like the GamePlay Page should only be accessible to authed users. We should be able to build this into the Session. Backed will validate the httpOnly auth cookie... and somehow tell frontend
dont want to block whole home page from loading by doing auth as soon as page load, so use cookie presense as a hint, but meybe perform auth request to server on nav to Session protected route?? idk that still feels like too many requests