Skip to content

Commit

Permalink
🔒️(api) securing API with LTI token
Browse files Browse the repository at this point in the history 
API was unsecure and anyone could make request to it from a browser.
Securing it with a LTI token verification on each endpoint, and to get the
`course_id`, the `roles` of the user and its `user_id`.
  • Loading branch information
@wilbrdt
wilbrdt committed Jun 6, 2024
1 parent b61e770 commit 6e4d67e
Show file tree
Hide file tree
Showing 4 changed files with 284 additions and 128 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ and this project adheres to
### Changed

- Upgrade base Warren images to 0.3.0
- Secure API endpoints with LTI token

## [0.2.0] - 2024-05-23

Expand Down
1 change: 1 addition & 0 deletions src/api/plugins/tdbp/tests/conftest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import pytest
from warren.tests.fixtures.app import http_client
from warren.tests.fixtures.asynchronous import anyio_backend
from warren.tests.fixtures.auth import auth_headers
from warren.tests.fixtures.db import (
db_engine,
db_session,
Expand Down
Loading

0 comments on commit 6e4d67e

Please sign in to comment.