dograh/api/services/auth
Abhishek 4fb3193eb5
fix: gate OSS email/password auth endpoints outside local auth mode (#500)
* fix: gate OSS email/password auth endpoints outside local auth mode

The /auth signup/login/me routes were mounted unconditionally, so the
SaaS deployment accepted unauthenticated signups that created oss_*
provider-id users (and auto-provisioned MPS service keys) bypassing
Stack Auth entirely.

Gate them with a router-level dependency that 404s when AUTH_PROVIDER
is not "local", rather than conditionally mounting the router, so the
OpenAPI spec and the clients generated from it stay identical across
deployment modes.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* fix: keep current user route available in stack auth

---------

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
2026-07-06 22:18:04 +05:30
..
__init__.py Initial Commit 🚀 🚀 2025-09-09 14:37:32 +05:30
depends.py fix: gate OSS email/password auth endpoints outside local auth mode (#500) 2026-07-06 22:18:04 +05:30
stack_auth.py Initial Commit 🚀 🚀 2025-09-09 14:37:32 +05:30