Connect User and Database

[EmmaDir]

Value proposition

As a fitness enthusiast, I want to create, update, and delete my workouts, so that I can maintain a personalized workout routine.

Description

Acceptance criteria

• [x] When I click the "Add Workout" button, a new workout should be created with a default title, duration, and date. The newly created workout should only be visible to me and stored in my personal workout list.
• [x] When I log into my account, I should be able to see a list of all the workouts I have created.
• [x] I should be able to update the details of any workout in my list.
• [x] I should be able to delete any workout from my list.
• [x] The workout should be deleted from both my personal list and any associated data in the database.
• [x] Even after refreshing the page, my workouts should persist and only be accessible by me.
• [x] My workout data should be private and should not be visible or accessible to other users.

Tasks

• [x] Create a new branch feature/connect-user-database.
• [x] Expand the existing MongoDB database with a new collections: Users.
• [x] Define the User model to include fields for name and a reference to workouts.
• [x] The user’s workouts should be linked to their unique user ID to ensure that workouts are isolated between users.
• [x] Adjust the existing POST route at /api/workouts/create to handle workout creation.
• [x] Validate incoming data and ensure the workout is linked to the correct user.
• [x] Add the newly created workout's ID to the associated user's workouts array.
• [x] Adjust the existing GET route at /api/workouts/[userId] to retrieve all workouts for a specific user.
• [x] Ensure that only the workouts associated with the logged-in user are returned.
• [x] Adjust the existing PUT route at /api/workouts/update to handle updates to an existing workout.
• [x] Validate the workout data and ensure only the owner of the workout can perform updates.
• [x] Adjust the existing DELETE route at /api/workouts/delete to handle workout deletions.
• [x] Remove the workout from both the Workouts collection and the user's workouts array.
• [x] Ensure the user is authenticated before allowing access to workout management functionality.
• [x] Implement authorization checks in the backend API routes to ensure that users can only manage their own workouts.

[gunnarmon]

Hey Emma, the acceptance criteria and the the task look fine. Only one little thing: In the description/design I don't see any information that I'm actually logged in as a user. //gunnar