From 98dc591dce5b92b3d2a1fa14ee75f71ea10bb9fe Mon Sep 17 00:00:00 2001
From: eee4 <41441600+eee4@users.noreply.github.com>
Date: Mon, 28 Jul 2025 10:42:09 +0200
Subject: [PATCH] fix: disable authentication for GET /api/v1/categories allows
 unauthenticated users to select a category for random draw

---
 Controllers/CategoryController.cs | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/Controllers/CategoryController.cs b/Controllers/CategoryController.cs
index a4735e3..b9ce66d 100644
--- a/Controllers/CategoryController.cs
+++ b/Controllers/CategoryController.cs
@@ -80,17 +80,18 @@ public class CategoryController : ControllerBase
 
     // GET /api/v1/categories
     /// <summary>
-    /// [AUTHED] Get every category
+    /// Get every category
     /// </summary>
     /// <remarks>
-    /// Can (and will) return an empty list if no categories are found in DB. <br/>
-    /// Unlike GET /api/v1/categories/page/..., requires authorization with a JWT.
+    /// Can (and will) return an empty list if no categories are found in DB. <br/><br/>
+    /// <s>Unlike GET /api/v1/categories/page/..., requires authorization with a JWT.</s>
+    /// Not the case anymore, as choosing a quote from a category requires the user to know
+    /// of existing categories.<br/><br/>
     /// Has CORS set.
     /// </remarks>
     /// <response code="200">Returned on valid request</response>
     // /// <response code="404">Returned when there are no categories to list</response>
     [HttpGet]
-    [Authorize]
     [EnableCors]
     [ProducesResponseType(typeof(List<CategoryShortDTO>), 200)]
     public async Task<IActionResult> GetQuotePage()