Add Portal Migration to APIv2 Auth thread - legacy assumptions, blocking items, open questions
This commit is contained in:
parent
4cb41a66a4
commit
d47e1c52a8
@ -1,4 +1,4 @@
|
||||
# Open Threads – zlh-grind
|
||||
# Open Threads — zlh-grind
|
||||
|
||||
This file tracks items that are unresolved, under investigation, or explicitly deferred.
|
||||
|
||||
@ -65,3 +65,24 @@ This file tracks items that are unresolved, under investigation, or explicitly d
|
||||
- React Router
|
||||
- HUD/scanline UI experiments
|
||||
- Neon accent palette
|
||||
|
||||
---
|
||||
|
||||
## Portal Migration to APIv2 Auth (Open)
|
||||
|
||||
### Context
|
||||
- Portal was originally built against APIv1 + Pterodactyl
|
||||
- APIv2 auth is now live and verified
|
||||
- Portal login + data access must be realigned
|
||||
|
||||
### Open Questions
|
||||
- Which API routes should be protected first by auth?
|
||||
- When should refresh-token or session renewal be added (if ever)?
|
||||
- Should roles/scopes be enforced now or deferred?
|
||||
|
||||
### Blocking Items
|
||||
- Portal login page still assumes CSRF + legacy flows
|
||||
- Legacy API abstractions still present in portal repo
|
||||
|
||||
### Owner
|
||||
- Portal Team
|
||||
|
||||
Loading…
Reference in New Issue
Block a user