Denseswin
AI-powered crop disease detection and insights. Focus today is on the new API-centric authentication flow.
Get Started LoginAuth (API-Centric)
Login returns session_id (Redis) + tokens.
- POST
/v1/auth/login - POST
/v1/auth/google-callback - POST
/v1/auth/logoutwithsession_id
CSRF
BFF verifies CSRF for all form/JSON endpoints.
- Hidden input:
{{ csrf_token() }} - Header:
X-CSRF-Token - Cookie:
csrf_token(SameSite=Lax)
Next Steps
Wire dashboard calls through the BFF using csrfFetch().
- Proxy to API with
X-Session-Id - Graceful 401/403 handling
- Minimal UI; focus on flows