Skip to content

Commit

Permalink
🔒️(api) securing API with LTI token
Browse files Browse the repository at this point in the history 
API was unsecure and anyone could make request to it from a browser.
Securing it with a LTI token verification on each endpoint, and to get the
`course_id`, the `roles` of the user and its `user_id`.
  • Loading branch information
@wilbrdt
wilbrdt committed Jun 3, 2024
1 parent b3b22ba commit e3acd4e
Show file tree
Hide file tree
Showing 4 changed files with 287 additions and 128 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,10 @@ and this project adheres to

## Unreleased

### Changed

- Secure API endpoints with LTI token

## [0.2.0] - 2024-05-23

### Changed
Expand Down
1 change: 1 addition & 0 deletions src/api/plugins/tdbp/tests/conftest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import pytest
from warren.tests.fixtures.app import http_client
from warren.tests.fixtures.asynchronous import anyio_backend
from warren.tests.fixtures.auth import auth_headers
from warren.tests.fixtures.db import (
db_engine,
db_session,
Expand Down
Loading

0 comments on commit e3acd4e

Please sign in to comment.