Install zod1 for use in input parsing/validation. Bump validator,
which we use in conjunction with zod. We remove the custom
sanitizeQuery function.
Some functional fixes discovered while validating/parsing input:
The requireLogIn middleware handles the case where
req.session.user is not set (due to express session requiring
HTTPS). It falls back to re-logging in the user through the session
token.
The requireLogIn middleware now passes req instead of
req.cookies.session_token to the logInBySessionToken. Previously,
this would have been a runtime error.
Make express-session use the secure option in production but not
in dev. #185 tracks being able to use HTTPS in dev and tests.
We forego calling nodemailer's sendMail function in tests and dev
environments to avoid incurring costs from our email provider,
Mailgun.
When requesting search results, the front end would send Infinity,
which serializes to undefined over the wire. We now send 50
instead.
Add a VS Code launch command for debugging server-side tests without
timing out.
Install
zod
1 for use in input parsing/validation. Bumpvalidator
, which we use in conjunction withzod
. We remove the customsanitizeQuery
function.Some functional fixes discovered while validating/parsing input:
requireLogIn
middleware handles the case wherereq.session.user
is not set (due to express session requiring HTTPS). It falls back to re-logging in the user through the session token.requireLogIn
middleware now passesreq
instead ofreq.cookies.session_token
to thelogInBySessionToken
. Previously, this would have been a runtime error.express-session
use thesecure
option in production but not in dev. #185 tracks being able to use HTTPS in dev and tests.nodemailer
'ssendMail
function in tests and dev environments to avoid incurring costs from our email provider, Mailgun.Infinity
, which serializes toundefined
over the wire. We now send50
instead.