Skip to content

fix: disable JWT auth when login route is disabled

Arnaud Vergnet requested to merge topic/default/jwt-disable into branch/default

Those tokens are only created by the login route so those should not allow users to authenticate if the login route is disabled

Linked to cubicweb/cubicweb#869 (closed)

Edited by Arnaud Vergnet

Merge request reports