guenther
06/14/2019, 9:10 AMbdawg.io
06/16/2019, 5:43 PMbdawg.io
06/16/2019, 5:43 PMguenther
06/17/2019, 6:47 AM/auth
with the credentials in the body
• A session token is created which is stored in a cookie
• When no session token is available in the cookie (except for /auth
) a 401 should be sent to the client
I guess the 401
handling should be somehow done by the Ktor framework.bdawg.io
06/17/2019, 4:20 PMktor-auth
and define which routes require authentication through thatguenther
06/18/2019, 5:11 AM