Skip to content

fix(backend): scope conversation and feedback access to the authenticated user#25

Merged
timmanik merged 1 commit into
mainfrom
fix/session-ownership-idor
Jul 9, 2026
Merged

fix(backend): scope conversation and feedback access to the authenticated user#25
timmanik merged 1 commit into
mainfrom
fix/session-ownership-idor

Conversation

@timmanik

@timmanik timmanik commented Jul 9, 2026

Copy link
Copy Markdown
Collaborator

Forward the caller's Cognito sub from the proxy's validated JWT claims to the backend and tag every stored message with owner_sub. Reject reads or writes to a session owned by a different user. Feedback update_item calls now require the target row to already exist and belong to the caller, preventing both row upserts and cross-user tampering.

…ated user

Forward the caller's Cognito sub from the proxy's validated JWT claims to the backend and tag every stored message with owner_sub. Reject reads or writes to a session owned by a different user. Feedback update_item calls now require the target row to already exist and belong to the caller, preventing both row upserts and cross-user tampering.
@timmanik
timmanik merged commit 7fd6155 into main Jul 9, 2026
4 checks passed
@timmanik
timmanik deleted the fix/session-ownership-idor branch July 9, 2026 06:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant