REST API : access to encrypted (or not) user passwords
I m into coding a one page application using the REST API, Auth being managed by token auth. I was quite surprised to discover that the user endpoint gives access to users passwords to any user using the API ! Could this user attribute be reserved to admin accounts just like in the web UI ?
0 votes
1 answers
1561 views