← knowledge.oriz.in

No auth in apps or APIs — login is a separate project

decision authpubliclogin-managersimplicitydonations-only

No auth in apps or APIs — login is a separate project

Decision

Apps and APIs across the fleet are 100% public. No sign-in UI, no session check, no auth SDK imports in any app shell or API handler. Login functionality moves to a dedicated login-manager project (separate repo, separate subdomain) — apps that need an authenticated user redirect to it and never embed the auth flow.

Why

What this kills

What stays

Login-manager project (TBD)

Implications

Cross-refs