Arrelin/family_budget
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Arrelin:f28f522663e8b2a68fb932572aa0cbe30896a33e
Branches Tags
Arrelin:master Arrelin:update-categories Arrelin:feature/change-categories Arrelin:bugfix/iro4ka Arrelin:feature/new-sort Arrelin:feature/new-deploy Arrelin:feature/history Arrelin:arrelin-patch-2 Arrelin:arrelin-patch-1 Arrelin:refactor/frontend-code-quality Arrelin:bugfix/revert
...
compare: Arrelin:86fab6ae4f01f2eedf100c7c494923cc845ad930
Branches Tags
Arrelin:master Arrelin:update-categories Arrelin:feature/change-categories Arrelin:bugfix/iro4ka Arrelin:feature/new-sort Arrelin:feature/new-deploy Arrelin:feature/history Arrelin:arrelin-patch-2 Arrelin:arrelin-patch-1 Arrelin:refactor/frontend-code-quality Arrelin:bugfix/revert

3 Commits
f28f522663 ... 86fab6ae4f

Author SHA1 Message Date
Arrelin
86fab6ae4f Merge pull request 'fix: add auth layer to family protected routes' (#7) from feature/personal-account into master
All checks were successful
Build and Publish Images / build-and-push (push) Successful in 20s
Details 
Reviewed-on: http://192.168.31.100:3847/Arrelin/family_budget/pulls/7
 2026-01-23 14:29:35 +00:00
Arrelin
8cde23d291 Merge branch 'master' into feature/personal-account 2026-01-23 14:29:17 +00:00
arrelin
ccac6a4d2f fix: add auth layer to family protected routes 
Fix authentication for /families/:id/members endpoint by adding
auth_layer instead of just session_layer to family_protected_routes.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-23 17:28:31 +03:00
1 changed files with 2 additions and 2 deletions
Expand all files Collapse all files

4
backend/src/lib.rs
View File

@@ -176,7 +176,7 @@ pub async fn create_app(db: DatabaseConnection) -> Result<Router, DbErr> {
.route("/my-family/invite-links", get(routes::invite_link::get_my_invite_links))
.route("/my-family/invite-links/:token", delete(routes::invite_link::delete_invite_link))
.route("/invite/:token/join", post(routes::invite_link::join_family_via_invite))
.layer(auth_layer)
.layer(auth_layer.clone())
.with_state(db.clone());
let family_protected_routes = Router::new()
@@ -201,7 +201,7 @@ pub async fn create_app(db: DatabaseConnection) -> Result<Router, DbErr> {
.route("/families/:family_id/shopping-items/clear-all", delete(routes::shopping_item::clear_all))
.route("/families/:family_id/members", get(routes::user::get_family_members))
.route_layer(axum_middleware::from_fn(middleware::require_family_access))
.layer(session_layer.clone())
.layer(auth_layer.clone())
.with_state(db.clone());
let public_routes = Router::new()