AntiPattern
Middleware Authorization Bypass
middleware-authorization-bypass
AuthN/AuthZ middleware fails to run on specific API endpoints—due to route exclusion matchers, missing route-file setup, or incorrect global configuration—so unauthorized requests reach handlers; additionally, returning None from middleware doesn’t block execution.