You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some of the admin endpoints and those used by dashboard should be accessible only by admins who are logged in. Code in backend/middleware/auth.js makes use of jwt token returned upon successful authentication. We should use it consistently for all endpoints that need protection.
Currently, questionnaire answers are posted by users who are not authenticated. We should come up with a mechanism to validate these are legitimate requests from our UI.
The text was updated successfully, but these errors were encountered:
Some of the admin endpoints and those used by dashboard should be accessible only by admins who are logged in. Code in backend/middleware/auth.js makes use of jwt token returned upon successful authentication. We should use it consistently for all endpoints that need protection.
Currently, questionnaire answers are posted by users who are not authenticated. We should come up with a mechanism to validate these are legitimate requests from our UI.
The text was updated successfully, but these errors were encountered: