Added signout controller #97
Conversation
| // @access Private | ||
|
|
||
| router.post("/logout", auth, async (req, res) => { | ||
| res.clearCookie("token"); |
There was a problem hiding this comment.
You have to invalidate the token
Meaning -> Find this token (in user's token array ) and remove it from that array. Save the changes made.
| msg: "User Signout Successfully", | ||
| }); | ||
| }); | ||
|
|
There was a problem hiding this comment.
Also, please include screenshots in your PRs,
There is almost a week left so hurry up.
You won't be able to get points after 20th Nov.
| // @desc Logout a user | ||
| // @access Private | ||
|
|
||
| router.post("/logout", auth, async (req, res) => { |
There was a problem hiding this comment.
If you can make the below listed changes by today, I will merge the PR and you will be awarded points else not.
logged in user is available at req.user and the token he has been using to access the private routes is available at req.token. Why? All of this has been handled in the auth middleware.
Also all the tokens he has been given so far is present in tokens array, (req.user.tokens)
- To log him out, simply delete req.token from req.user.tokens. And update the user in the User model too.
Also, You should know how to test your API endpoints.
https://www.youtube.com/watch?v=t5n07Ybz7yI
Here's a video that might be helpful.
resolves #84