Who: As a Developer
What: A middleware function that validates the user
Why: I want to ensure that only authenticated user can access user related data
Acceptance criteria
The middleware component should be placed in all routes that request user related data.
It must check to see if the firebase uid extracted from the token matches with the firebase uid for the requested user id
Implementation details:
If the the request has passed through the auth middleware the request will have a user object as a property.
It can be accessed as
req.user
A check must me be made to ensure that the firebase uid (req.user.user_id) matches the the firebaseUid in the user table for the requested user
User story
Who: As a Developer What: A middleware function that validates the user Why: I want to ensure that only authenticated user can access user related data
Acceptance criteria
The middleware component should be placed in all routes that request user related data. It must check to see if the firebase uid extracted from the token matches with the firebase uid for the requested user id
Implementation details: If the the request has passed through the auth middleware the request will have a user object as a property. It can be accessed as req.user A check must me be made to ensure that the firebase uid (req.user.user_id) matches the the firebaseUid in the user table for the requested user