pallets-eco / flask-security

Quick and simple security for Flask applications
MIT License

Fix session-only authentication. #813

Closed jwag956 closed 1 year ago

jwag956 commented 1 year ago

If an endpoint was decorated with "session" only, a properly submitted token would also be accepted. Fix that by checking, as part of the auth_required() decorator, that the user is authenticated AND was authenticated using the _user_loader (which is what flask-login calls for session-based authentication).

close #791
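To make the bug and the shape of the fix concrete, here is an added example (not flask-security's or flask-login's own code). It simulates the two loaders flask-login consults when resolving the current user, a session loader and a token (request) loader, and a miniature auth_required() that accepts a request if any listed mechanism passes. The `Request`, `load_current_user`, `check_session_before_fix`, `check_session_after_fix` and `make_auth_required` names, and the `Authentication-Token` lookup against a constructed token table, are assumptions for illustration; the real decorator is in flask_security/decorators.py and is not reproduced here.

```python
from dataclasses import dataclass, field
from functools import wraps
from typing import Callable, Dict, Optional

# Constructed sample data: the server knows one API token for user "alice".
TOKENS = {"tok-alice-123": "alice"}


@dataclass
class Request:
    """Hypothetical stand-in for the Flask request plus its session cookie.
    session_user is what the session cookie says; headers may carry an
    Authentication-Token. The underscored fields cache the result of the
    user lookup, the way flask-login caches current_user per request."""
    session_user: Optional[str] = None
    headers: Dict[str, str] = field(default_factory=dict)
    _user: Optional[str] = None
    _loaded_via: Optional[str] = None


def load_current_user(req: Request) -> Optional[str]:
    """Mimics flask-login's lookup order: the user_loader (session) first,
    then the request_loader (here: a token header). Records which one won."""
    if req._loaded_via is None:
        if req.session_user is not None:
            req._user, req._loaded_via = req.session_user, "session"
        else:
            user = TOKENS.get(req.headers.get("Authentication-Token", ""))
            req._user, req._loaded_via = user, ("token" if user else "none")
    return req._user


def check_session_before_fix(req: Request) -> bool:
    # Pre-fix shape of the "session" check: only "is someone authenticated?",
    # which is also true when the user was resolved from a token.
    return load_current_user(req) is not None


def check_session_after_fix(req: Request) -> bool:
    # Post-fix shape: authenticated AND resolved by the session loader.
    return load_current_user(req) is not None and req._loaded_via == "session"


def check_token(req: Request) -> bool:
    return load_current_user(req) is not None and req._loaded_via == "token"


BEFORE_FIX = {"session": check_session_before_fix, "token": check_token}
AFTER_FIX = {"session": check_session_after_fix, "token": check_token}


def make_auth_required(checks: Dict[str, Callable[[Request], bool]]):
    """Builds a decorator in the spirit of auth_required(): the view runs if
    any listed mechanism accepts the request, otherwise the caller gets 401."""
    def auth_required(*mechanisms: str):
        def decorator(view):
            @wraps(view)
            def wrapper(req: Request):
                if any(checks[m](req) for m in mechanisms):
                    return 200, view(req)
                return 401, "unauthorized"
            return wrapper
        return decorator
    return auth_required


def profile(req: Request) -> str:
    return f"profile of {req._user}"


def cookie_request() -> Request:
    return Request(session_user="alice")


def token_request() -> Request:
    return Request(headers={"Authentication-Token": "tok-alice-123"})


def demo() -> Dict[str, int]:
    """Status codes for each request kind under each decorator variant."""
    session_only_before = make_auth_required(BEFORE_FIX)("session")(profile)
    session_only_after = make_auth_required(AFTER_FIX)("session")(profile)
    session_or_token = make_auth_required(AFTER_FIX)("session", "token")(profile)
    return {
        "before_fix/cookie": session_only_before(cookie_request())[0],
        "before_fix/token": session_only_before(token_request())[0],  # the bug: 200
        "after_fix/cookie": session_only_after(cookie_request())[0],
        "after_fix/token": session_only_after(token_request())[0],    # now 401
        "after_fix/anonymous": session_only_after(Request())[0],
        "session_or_token/token": session_or_token(token_request())[0],
    }


if __name__ == "__main__":
    for case, status in demo().items():
        print(f"{case:24s} -> {status}")
```

The point of the example is the difference between `check_session_before_fix` and `check_session_after_fix`: both see the same authenticated user, but only the latter asks which loader produced that user, so a token presented to a session-only endpoint is rejected while a decorator listing both mechanisms still accepts it.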

codecov[bot] commented 1 year ago

Codecov Report

Patch coverage: 100.00% and no project coverage change.

Comparison is base (08a2dbd) 98.15% compared to head (ad2ff70) 98.16%.

Additional details and impacted files

```diff
@@            Coverage Diff            @@
##           master     #813     +/-   ##
=======================================
  Coverage   98.15%   98.16%
=======================================
  Files          34       34
  Lines        4454     4460     +6
=======================================
+ Hits         4372     4378     +6
  Misses         82       82
```

| [Impacted Files](https://app.codecov.io/gh/Flask-Middleware/flask-security/pull/813?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Flask-Middleware) | Coverage Δ | |
|---|---|---|
| [flask_security/decorators.py](https://app.codecov.io/gh/Flask-Middleware/flask-security/pull/813?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Flask-Middleware#diff-Zmxhc2tfc2VjdXJpdHkvZGVjb3JhdG9ycy5weQ==) | `96.23% <100.00%> (+0.09%)` | :arrow_up: |
