6b78240d39
From this commit on, api endpoints reply with a 401 error code and non api endpoints redirect to /error/40X. This commit also fixes missing restrictions on /loggedin (the "already logged in page). This was not a security issue, though. The change also makes error pages automatically redirect the user after few seconds based on the referrer or the default_redirection_url if provided in the configuration. Warning: The old /verify endpoint of the REST API has moved to /api/verify. You will need to update your nginx configuration to take this change into account. |
||
|---|---|---|
| .. | ||
| types | ||
| ErrorMessage.ts | ||
| RedirectionMessage.ts | ||
| SignMessage.ts | ||
| UserMessages.ts | ||
| api.ts | ||
| constants.ts | ||