arrow_back
Back to Tickets
Edit Trouble Ticket
Update the ticket information below
Date Initiated
*
Status
*
Open
Pending
Completed
Terminated
Creator
*
Marcus
Priority
*
1
Urgent
Select urgency...
Urgent
Not Urgent
Important
Select importance...
Important
Not Important
Project Name
*
zfrika
Problem
*
https://zfrika.com/matchmakers?country=Sierra_Leone https://zfrika.com/fashion?country=South_Sudan https://zfrika.com/singledads?country=Sierra_Leone https://zfrika.com/homecareservice?country=Mozambique ------- url can be accessed without logging in. fix that bug
Question
how do we check if a user is logged in? what is the other code that redirect a user to login? use a sample of that code that checked user status.
Root Cause
Notes
Strategy
go to results.ejs check that the user is logged in before sharing results. but this method allows a user to make requests and waste mongoDB resources.
Helpful People
Helpful Links
Diagram
Previous Steps
search in routes. "get list of" route called: router.get(BASE_URL+'/matchmakers',(req,res) => check if we are logged in add this to country.ejs. <li><a onclick="return checklogin('matchmakers');" class="category-link" href="<%= BASE_URL_PATH %>/matchmakers?country=<%= country %>datatoken=<%= datatoken %>">Matchmakers</a></li> How do we have a condition that if datatoken is empty ,still load the page. concept is called forced browsing. ther router.get(BASE_URL+'/matchmakers',restrictDirectAccess,(req,res) => { function defined at the route. function restrictDirectAccess(req, res, next) I need to create a util function that I can call once in each route category so I dont need to define the function restrictDirectAccess multiple times. (done) then I need to update each category with the restrickDirectAccess function call. (done)
Next Steps
update the production environement save to GitHub repo.
Solution
Insight
Date Resolved
save
Update Ticket
Cancel