App.yaml Handler Login: Admin Option Not Effective On Standard Env Python Gae App?

I was working on some security checks for my standard env python GAE app and I was surprised to see that the login: admin option appears to be non-effective. I want to secure a por

Solution 1:

Mistery solved: apparently the Firefox HttpRequester add-on is smart enough to automatically pull the google credentials from Firefox and use them. The updated image in the question now has a pointer showing the username info I blacked out but didn't regard as a clue. Those credentials have admin permissions to the GAE app, which explains why that request made it to the handler code.

To confirm this theory I tried the same request but this time sent using curl:

$ curl --request POST --data '{"task": "project_integrity_check_task", "obj_id": 4841240159846400, "ci_proj": 4841240159846400, "obj_cls": "Project"}' [url_redacted]

The response is indeed a 302 and the app error log is missing, indicating that this time the request didn't make it to the handler code, as expected: