by rwestergren 4249 days ago
I think the best solution is to not trust the client in assigning the perfectFitId. The login POST should be able to determine the perfectFitId for the user after login and maintain a session through OAuth or another session management process.
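
The approach described in the comment above, as an added example that is not part of the original comment or of the application under discussion: the login step looks up the perfectFitId server-side and binds it to a session, and later requests resolve the id from that session instead of from request parameters. The in-memory stores, function names, account names and numeric ids are all hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _make_user(password, perfect_fit_id):
    salt = secrets.token_bytes(16)
    return {"salt": salt, "hash": _hash(password, salt), "perfectFitId": perfect_fit_id}

# Constructed sample data: two accounts and the profile each one owns.
USERS = {
    "alice": _make_user("alice-pass", 1001),
    "bob": _make_user("bob-pass", 1002),
}
PROFILES = {1001: {"owner": "alice"}, 1002: {"owner": "bob"}}
SESSIONS = {}  # session token -> perfectFitId, held server-side only

def login(username, password):
    """Login POST: authenticate, then bind the server-looked-up id to a new session."""
    user = USERS.get(username)
    if user is None or not hmac.compare_digest(_hash(password, user["salt"]), user["hash"]):
        return None
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = user["perfectFitId"]
    return token

def get_profile_trusting_client(params):
    """Pattern the comment warns against: the id is taken from the request."""
    return PROFILES.get(int(params["perfectFitId"]))

def get_profile(session_token, params):
    """Hardened: the id comes from the session; a client-supplied id is ignored."""
    perfect_fit_id = SESSIONS.get(session_token)
    if perfect_fit_id is None:
        raise PermissionError("no valid session")
    return PROFILES[perfect_fit_id]
```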