I am making an app with Express.js. It uses Firebase Admin for authentication, and I am also using a custom JWT for user recognition and MongoDB for the database.
I don't know the right term, but it usually happens rarely, e.g. User A is editing his account, but for some reason User B's account gets edited.
I have made a user authentication middleware:
```ts
import {
    Request,
    Response,
    NextFunction
} from "express";
import JSONRESPONSE from "../utils/JSONReponse";
import jwt from "jsonwebtoken"
import {
    User
} from "../models/User";

export async function AuthMiddleware(req: Request, res: Response, next: NextFunction) {
    const JSONResponse = new JSONRESPONSE(res);
    try {
        const session = req.cookies.session;
        if (!session) return JSONResponse.notAuthorized();
        const decoded = <any>jwt.decode(session);
        const uid = decoded.user_id
        if (!uid) return JSONResponse.notAuthorized();
        const user = await User.findOne({
            uid
        })
        if (!user) return JSONResponse.notAuthorized();
        req.app.locals.currentUser = user;
        req.app.locals.uid = uid;
        next()
    } catch (err) {
        console.log(err);
        JSONResponse.notAuthorized();
    }
}
```
Here are my main routes:
```ts
app.use("/api/auth", AuthRoutes)
app.use("/api/user", AuthMiddleware, UserRoutes)
app.use("/api/date", AuthMiddleware, DateRoutes)
app.use("/api/chat", AuthMiddleware, ChatRoutes)
```
How do I fix this issue? I am not sure what is causing this rare issue.
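
The symptom described above can be reproduced without Express, as an added example that is not part of the original post: `req.app.locals` is one object shared by every request in the process, so two overlapping requests overwrite each other's `currentUser`, while `res.locals` is created per request. `sleep`, `findUser`, `handle`, `simulate` and all delays are constructed stand-ins for the database and the route handlers.

```javascript
// Constructed stand-ins: no Express or MongoDB needed to reproduce the effect.
const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Hypothetical user store; lookup latency differs per call, as real DB queries do.
const LOOKUP_MS = { A: 5, B: 30 };
async function findUser(uid) {
  await sleep(LOOKUP_MS[uid]);
  return { uid };
}

// Pattern from the question: identity stored on app.locals (one object per process).
async function sharedMiddleware(req, res) {
  req.app.locals.currentUser = await findUser(req.uid);
}
const sharedRead = (req, res) => req.app.locals.currentUser;

// Per-request alternative: each request gets its own res.locals object.
async function scopedMiddleware(req, res) {
  res.locals.currentUser = await findUser(req.uid);
}
const scopedRead = (req, res) => res.locals.currentUser;

// A route handler that awaits something (workMs) before it uses the identity.
async function handle(app, uid, workMs, middleware, read) {
  const req = { app, uid };
  const res = { locals: {} };          // fresh per request
  await middleware(req, res);
  await sleep(workMs);                 // e.g. loading the document to edit
  return { requester: uid, actedAs: read(req, res).uid };
}

// Two overlapping requests. A authenticates first, then does slow work;
// B authenticates while A is still working and overwrites the shared slot.
async function simulate(middleware, read) {
  const app = { locals: {} };          // shared by every request in the process
  return Promise.all([
    handle(app, "A", 50, middleware, read),
    handle(app, "B", 5, middleware, read),
  ]);
}

simulate(sharedMiddleware, sharedRead).then((r) => console.log("app.locals:", r));
simulate(scopedMiddleware, scopedRead).then((r) => console.log("res.locals:", r));
```

With `app.locals`, request A ends up acting as user B whenever B's middleware finishes between A's middleware and A's handler reading the value, which is why it only shows up under concurrent traffic. Separately, `jwt.decode` only reads the token payload and does not check its signature, whereas `jwt.verify` does.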