Details
-
Task
-
Resolution: Fixed
-
P1: Critical
-
None
-
None
-
None
Description
All the `/qtcloud/users/*` apis that are used post login, should check `username` and `token` from headers before allowing access to the API itself.