Open francisrod01 opened 2 years ago
Opinion: We should have a Discussions tab here.
I want to scale this repo to my side projects, and maybe use it for professional ones, so how are the plans for best practices?
I'm implementing a dashboard route in the backend, but I wonder if the login function shouldn't be a middleware, like the requireAdmin.
I just implemented a dashboard.route.js to get all users registered, but it seems unsafe because there's no JWT verification in it.
dashboard.route.js
const express = require('express'); const asyncHandler = require('express-async-handler'); const requireAdmin = require('../middleware/require-admin'); const userCtrl = require('../controllers/user.controller'); const router = express.Router(); module.exports = router; router.get('/user', asyncHandler(getUsers), requireAdmin); async function getUsers(req, res) { let users = await userCtrl.retrieve(); users = users.map((user) => { user = user.toObject(); delete user.hashedPassword; return user; }); res.json(users); }
I want to scale this repo to my side projects, and maybe use it for professional ones, so how are the plans for best practices?
I'm implementing a dashboard route in the backend, but I wonder if the login function shouldn't be a middleware, like the requireAdmin.
I just implemented a
dashboard.route.js
to get all users registered, but it seems unsafe because there's no JWT verification in it.