search

thevahidal / soul

🕉 A SQLite REST and realtime server
https://thevahidal.github.io/soul/
MIT License
1.51k stars 51 forks source link

Change auth strategy #174

Closed AbegaM closed 6 months ago

AbegaM commented 6 months ago

173

Modifications

  1. Fixed error in the updateSuperuser function
  2. Added quotes in the updateRow controller function to avoid errors that can be created by using reserved words like create and update in the SQL query
  3. Added a validation schema in the roles_permissoins endpoint to only accept 0/1 values for the create, read, update and delete fields
  4. Changed the auth strategy and removed the users permission from the token

Note

@thevahidal I saw a request to add a new API to see a users permission but we can use this endpoint to get permissions

/api/tables/_roles_permissions/rows?role_id