apilogger
apilogger copied to clipboard
Allow `apilogs` to be Protected by a Guard
It seems at the moment that any user can see the logs (in /apilogs); obviously this could be a security issue.
It could be optional to protect that route(s) with a guard (which could be configurable).
I am thinking about it too. I'll handle this one.
This is a must. Else detailed info, and info valuable with regards to marketing (e.g number of requests or day) is visible to public.
I was thinking the requesting user id should also be logged, in which case the apilogger view definitely needs to be guarded.
(Look at how larecipe guards and defined it's routes. Not that hard)
Thanks I will definitely look into it.
Added in #42