issues
search
haseakito
/
funbase
Next generation creators economy platform website
https://funbase.vercel.app
2
stars
0
forks
source link
Add `id` field in the NextAuth `session`
#21
Closed
haseakito
closed
10 months ago
haseakito
commented
10 months ago
Issue
Prevent users from manipulating other user's data
Compare the
userId
in the parameter of dynamic route against the
id
in NextAuth
session
Requirements
Add
next-auth.d.ts
and add
id
to
session
interface as in the
NextAuth Typescript documentation
Get the
session
in the server side
Check if the
userId
in the parameter is the same as
id
in the
session
Issue
userId
in the parameter of dynamic route against theid
in NextAuthsession
Requirements
next-auth.d.ts
and addid
tosession
interface as in the NextAuth Typescript documentationsession
in the server sideuserId
in the parameter is the same asid
in thesession