candle-annotator

History

Marko Djordjevic 5f727d84c6 Scope all Drizzle queries by user_id from authenticated session Every data API route now filters SELECT, INSERT, UPDATE, and DELETE queries by the authenticated user's ID, ensuring full multi-tenant data isolation. Candle queries are scoped via chart_id ownership. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-02-20 13:08:09 +01:00
..
route.ts	Scope all Drizzle queries by user_id from authenticated session	2026-02-20 13:08:09 +01:00

Marko Djordjevic 5f727d84c6 Scope all Drizzle queries by user_id from authenticated session

Every data API route now filters SELECT, INSERT, UPDATE, and DELETE
queries by the authenticated user's ID, ensuring full multi-tenant
data isolation. Candle queries are scoped via chart_id ownership.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-02-20 13:08:09 +01:00

route.ts

Scope all Drizzle queries by user_id from authenticated session

2026-02-20 13:08:09 +01:00