Postgrest is rest API for postgreeSQL database.I am using postgrest v9.0.0with the following config:
db-uri = "postgres://remote_worker:1HyiYai@localhost:5432/myDb"db-schema = "public"db-anon-role = "remote_worker"jwt-secret = "1HyiYaiMTAAJ1pluZnBtAMnTUH19E3gg"db-pool = 10db-pool-timeout = 10server-host = "!4"server-port = 3000I assumed that if I enter the jwt-secret parameter in the config, it will automatically lead to the fact that only jwt authorization will work.
However, I can make a request without authorizationeven just typing in the browser-> http://localhost:3000/myTable ?Id=eq.2.or in the command line-> curl http://localhost:3000/Kits
At the same time when I make a request withthe authorization parameter for example curl http://localhost:3000/Kits -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoicmVtb3RlX3dvcmtlciJ9.wAzG0zeHPYBflP4PhipUh0W8pvPLCbOQ2M4NFNTOSgc "then the request passes only if the token is correct.
How can I disable anonymous execution of a request?