Closed AndyLiang1 closed 9 months ago
Could you add a description for this PR, looks like there are a few different changes apart from the auth middleware. Also dont forget to resolve merge conflicts
Could you add a description for this PR, looks like there are a few different changes apart from the auth middleware. Also dont forget to resolve merge conflicts
Resolved in discord chat!
What was implemented
12 changed files:
AuthMiddleware.js
has the middleware, populates the fieldreq.userId
on success.TripModel.js
addedisPublic
in anticipation of generateItineraryLink, currently does nothing.(10 changed files left)
BE Users
UserController.js
made it so authentication token now has the user's ID too.(9 changed files left)
Google Coordinates Added error handling, error message concatenation.
(8 changed files left)
BE Trips
TripRoute.js
now uses the authMiddleware (line 8) Changed all requests to take inuserId
from thereq.userId
field instead. Thereq.userId
gets populated from theAuthMiddleware.js
Addednext()
so that error is logged too (Note: Didn't do this for every function, only the CRUD's)TrpController.js
Removed all instances ofuserId
being returned as part of the response Added error message concatenation When editing and deleting, also filters for theuserId
. This way, user1 cannot delete user2's trips, even user1 got "authenticated" using their own auth token.(6 changed files left)
FE Users
thunk.js
merely put accessToken into local storage. I named ittravelersTea_accessToken
to not clash with any other accessTokens that may be in your local storage.usersSlice.js
only stored username into userSlice. In future maybe we have more info haha.(4 changed files left)
FE Trips
thunk.js
removeuserId
in params since now we use accessToken.service.js
made it so axios sends the request with our token for these 4 routesNewTripForm.js
merely removed accessing user's id from the slice, as its not there anymore.SessionController.js
removeuserId
in params since now we use accessToken.