Insecurity

all the endpoints are secured properly

tests passing

things to be done:

• openapi generation
  • the scopes & their descriptions should be annotated properly in each "main" class
  • the scopes should be mentioned properly in the yml file
• the scope string values should be externalized to the yml file
• the movies seeding endpoint is ignored by the current implementation; solution: either allow unauthd or do it via script (as eg in the case of rating)