mealie

History

sephrat 6320ba7ec5 API security hardening (#571 ) * Enhance security and safety around user update API - Prevent a regular user from promoting themself to admin - Prevent an admin from demoting themself - Refactor token fixture to admin + regular user tokens * Restrict user CRUD API to admins * Secure admin API routes * Refactor APIrouter into Admin/UserAPIRouter * Secure theme routes * Make 'all recipes' routes public * Secure favorite routes * Remove redundant checks * Fix public routes mistakenly flagged user routes * Make webhooks changeable only by admin * Allow users to create categories and tags * Address lint issues		2021-06-22 10:22:15 -08:00
..
recipe_tests	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
__init__.py	v0.4.0 (#236 )	2021-03-31 07:20:35 -08:00
test_custom_page_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_group_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_import_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_long_live_tokens.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_meal_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_migration_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_settings_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_signup_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_tags_categories.py	v0.4.0 (#236 )	2021-03-31 07:20:35 -08:00
test_theme_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00
test_user_routes.py	API security hardening (#571 )	2021-06-22 10:22:15 -08:00