changed userRecommendations api to public #252
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
This pull request is part of a stack:
|
Change-Id: I6965296e6f9281a8516ecbe7449d71ca9c406b65
helloukey
force-pushed
the
mergify_cli/GEN-190/feature/public_mentor_listing/I6965296e6f9281a8516ecbe7449d71ca9c406b65
branch
from
ec845ae
to
d41a190
Compare
| ); | ||
| router.get('/userRecommendations', (req, res, next) => { | ||
| passport.authenticate('jwt', { session: false }, (err, user) => { | ||
| if (err || !user) return next(); |
There was a problem hiding this comment.
Why do we have return next() if no user and just calling next() when there is a user, shouldn't it be the same.
There was a problem hiding this comment.
And we don't need to check for a user and assign it to req.user. That it already done when we do passport.authenticate(). Thats why in lot of the controller methods, we are already using req.user.
Basically, i think you can keep the code as it was before and just remove the util.checkRole.... line
There was a problem hiding this comment.
@nikhil-g777,
passport.authenticate() is doing the JWT check. So, if it cannot find the user, it throws the default error 'unauthorized' and due to this default behavior, We cannot do further functionalities.
So, basically what we are doing is:
- Check if a user is available, if not available then normally move to the next middleware.
- If the user is available and is a userType mentee then add the user to the
reqobject and move to the next middleware. - If the user is available and is a userType mentor then return the error 'unauthorized'.
Change-Id: I6965296e6f9281a8516ecbe7449d71ca9c406b65