ffc4062eba
- Add path exemption in TenantValidationMiddleware for /api/clubs/me - Change authorization policy from RequireMember to RequireViewer - Fix KEYCLOAK_CLIENT_ID in docker-compose.yml (workclub-app not workclub-api) - Endpoint now works without X-Tenant-Id header as intended - Other endpoints still protected by tenant validation This fixes the chicken-and-egg problem where frontend needs to call /api/clubs/me to discover available clubs before selecting a tenant.
6 lines
77 B
JSON
6 lines
77 B
JSON
"Cannot sign up for past shifts"
|
|
HTTP:422{
|
|
"signups": 1,
|
|
"capacity": 4
|
|
}
|