feat: guest play — allow singleplayer quiz without auth
- Add optionalAuth middleware: attaches session when present, never blocks (guests pass through) - Make game endpoints (start/answer) accept optional auth - GameSessionStore.userId: string → string | null - Rate limiter falls back to IP for unauthenticated users - Frontend: remove /play route guard, show 'Create account' CTA on score screen for guests - Add tests for guest session creation, answer submission, and cross-user session isolation
This commit is contained in:
lila
parent
d55a1ed648
commit
0118798e36
11 changed files with 298 additions and 32 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -19,3 +19,4 @@ data-pipeline/stage-4-merge/output/
|
|||
data-pipeline/db/pipeline.db
|
||||
data-pipeline/reports/
|
||||
data-pipeline/.env
|
||||
.aider*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue