indreklasn · January 26, 2024 08:56
diff --git a/app.js b/app.js
 const express = require('express');
 const app = express();
 const session = require('express-session');

 // Assuming we have a function to get user data
 const getUserById = require('./getUserById');

 app.use(session({
  secret: 'your-secret',
  resave: false,
  saveUninitialized: true
 }));

 app.get('/user/:id', (req, res) => {
  const userId = req.params.id;
  const loggedInUserId = req.session.userId;

  // Check if logged-in user ID matches the requested user ID
  if (userId === loggedInUserId) {
    getUserById(userId, (err, user) => {
      if (err) {
        return res.status(500).send('Internal Server Error');
      }
      if (!user) {
        return res.status(404).send('User not found');
      }
      res.json(user);
    });
  } else {
    res.status(403).send('Access Denied');
  }
 });

 app.listen(3000, () => console.log('Server is running on port 3000'));
	const express = require('express');
	const app = express();
	const session = require('express-session');

	// Assuming we have a function to get user data
	const getUserById = require('./getUserById');

	app.use(session({
	secret: 'your-secret',
	resave: false,
	saveUninitialized: true
	}));

	app.get('/user/:id', (req, res) => {
	const userId = req.params.id;
	const loggedInUserId = req.session.userId;

	// Check if logged-in user ID matches the requested user ID
	if (userId === loggedInUserId) {
	getUserById(userId, (err, user) => {
	if (err) {
	return res.status(500).send('Internal Server Error');
	}
	if (!user) {
	return res.status(404).send('User not found');
	}
	res.json(user);
	});
	} else {
	res.status(403).send('Access Denied');
	}
	});

	app.listen(3000, () => console.log('Server is running on port 3000'));