Add Portal Migration to APIv2 Auth thread - legacy assumptions, blocking items, open questions
This commit is contained in:
parent
4cb41a66a4
commit
d47e1c52a8
@ -1,4 +1,4 @@
|
|||||||
# Open Threads – zlh-grind
|
# Open Threads — zlh-grind
|
||||||
|
|
||||||
This file tracks items that are unresolved, under investigation, or explicitly deferred.
|
This file tracks items that are unresolved, under investigation, or explicitly deferred.
|
||||||
|
|
||||||
@ -65,3 +65,24 @@ This file tracks items that are unresolved, under investigation, or explicitly d
|
|||||||
- React Router
|
- React Router
|
||||||
- HUD/scanline UI experiments
|
- HUD/scanline UI experiments
|
||||||
- Neon accent palette
|
- Neon accent palette
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Portal Migration to APIv2 Auth (Open)
|
||||||
|
|
||||||
|
### Context
|
||||||
|
- Portal was originally built against APIv1 + Pterodactyl
|
||||||
|
- APIv2 auth is now live and verified
|
||||||
|
- Portal login + data access must be realigned
|
||||||
|
|
||||||
|
### Open Questions
|
||||||
|
- Which API routes should be protected first by auth?
|
||||||
|
- When should refresh-token or session renewal be added (if ever)?
|
||||||
|
- Should roles/scopes be enforced now or deferred?
|
||||||
|
|
||||||
|
### Blocking Items
|
||||||
|
- Portal login page still assumes CSRF + legacy flows
|
||||||
|
- Legacy API abstractions still present in portal repo
|
||||||
|
|
||||||
|
### Owner
|
||||||
|
- Portal Team
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user