fix: security issue, IDOR vulnerability

Author: PaulPintang

server/src/index.ts

@@ -12,8 +12,8 @@ app.use(express.json({ limit: "200mb" }));
 app.use(express.urlencoded({ extended: true, limit: "200mb" }));
 app.use(cors());
 app.use(express.urlencoded({ extended: false }));
-app.use(errorHandler);
 app.use("/api/user", require("./routes/userRoutes"));
 app.use("/api/bookmark", require("./routes/bookmarkRoutes"));
+app.use(errorHandler);
 
 app.listen(5000, () => console.log("Server is running on PORT 5000"));

server/src/middleware/bookmarkMiddleware.ts

@@ -0,0 +1,19 @@
+import { Request, Response, NextFunction } from "express";
+import Bookmark from "../models/bookmarkModel";
+import { IBookmark } from "../interfaces/BookmarkInterface";
+import { ObjectId } from "mongodb";
+
+export const checkBookmark = async (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  try {
+    const bookmark: IBookmark = await Bookmark.findById({ _id: req.params.id });
+    if (bookmark.user.toString() !== res.locals.user._id)
+      return res.status(404).send("Bookmark not found!");
+    next();
+  } catch (error) {
+    next(error);
+  }
+};

server/src/routes/bookmarkRoutes.ts

@@ -8,13 +8,14 @@ import {
   singleBookmark,
 } from "../controllers/bookmarkController";
 import { Protected } from "../middleware/authMiddleware";
+import { checkBookmark } from "../middleware/bookmarkMiddleware";
 
 router.get("/", Protected, getBookmark);
 router.post("/add", Protected, addBookmark);
 router
   .route("/:id")
-  .get(singleBookmark)
-  .put(Protected, updateBookmark)
-  .delete(Protected, deleteBookmark);
+  .get(Protected, checkBookmark, singleBookmark)
+  .put(Protected, checkBookmark, updateBookmark)
+  .delete(Protected, checkBookmark, deleteBookmark);
 
 module.exports = router;