My project is in Vue3 with node express backend server and firebase for database service.
The front end api call for updating users:
async updateUser(){
this.success = false;
this.error = false;
var that = this;
if (this.username == '' || this.email == '') {
this.error = true;
return '';
}
const token = await firebase.auth().currentUser.getIdToken();
let config = {
headers: {
Authorization: `Bearer ${token}`
}
};
axios.post('http://localhost:3000/users/update',config,{
id: this.id,
username : this.list.username,
email : this.list.email,
})
.then(function (response) {
that.success = true;
console.log(response);
that.$router.push({name: 'listUser'});
})
.catch(function (error) {
console.log(error);
});
}
},
Backend middleware without session using Bearer Token:
const getAuthToken = (req, _, next) => {
if (
req.headers.authorization &&
req.headers.authorization.split(" ")[0] === "Bearer"
) {
req.authToken = req.headers.authorization.split(" ")[1];
} else {
req.authToken = null;
}
next();
};
const checkIfAuthenticated = (req, res, next) => {
getAuthToken(req, res, async() => {
try {
const { authToken } = req;
const userInfo = await admin.auth().verifyIdToken(authToken);
req.authId = userInfo.uid;
return next();
} catch (e) {
return res
.status(401)
.send({ error: "You are not authorized to make this request" });
}
});
};
Update route using middleware
router.post('/update', checkIfAuthenticated, async(req, res) => {
usersRef.child(req.body.id).set({
username: req.body.username,
email: req.body.email,
});
console.log('successfully done');
res.send("request received");
// return res.status(200).send('success');
});
How can I implement a session in which the user can update data only for a certain period of time.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…