Large amount of additions and changes, but despite the great challenge of implementing them, how the changes appear to the user is minimal.
Authorization and filtering has been implemented in the front end and back end.
PROTECTED ROUTES
front end uses react-router-dom protected routes. user can only navigate to a select few routes when not logged in, including /register and /login
edit user page checks if logged in user is the user being edited. if not they cannot access that edit form.
JWT AUTHORIZATION
fully implemented authorization in the back end. unauthenticated users can make requests at /auth, but all other paths require authentication to make requests
Many other updates but they are relatively transparent
IMPORTANT FOR US
all axios calls must now use the axiosInstance method.
ie: instead of await axios.get etc, you must use axiosInstance.get. this method is exported by AxiosConfig.js, which is in the new config directory. I have updated all existing axios calls with this code.
Large amount of additions and changes, but despite the great challenge of implementing them, how the changes appear to the user is minimal.
Authorization and filtering has been implemented in the front end and back end.
PROTECTED ROUTES
JWT AUTHORIZATION
IMPORTANT FOR US
axiosInstance
method. ie: instead ofawait axios.get
etc, you must useaxiosInstance.get
. this method is exported by AxiosConfig.js, which is in the newconfig
directory. I have updated all existing axios calls with this code.