I'm a total beginner attempting to make social media site with the PERN stack and I'm having trouble with my delete request, while debugging with Postman.
Basically, I've logged in as user X, created a post, logged out, THEN logged in as user Y and tried to delete said post. What happens is I get the response Post deleted with ID: ${post_id}
however, when I go to check the database the post still exists.
Even though this is what I functionally want it to do, I would love to have the correct error thrown. What am I missing?
exports.deletePost = async (req, res) => {
try {
const userId = req.users
const post_id = parseInt(req.params.id)
await pool.query('DELETE FROM posts WHERE post_id = $1 AND user_id = $2', [post_id, userId])
res.status(200).json(`Post deleted with ID: ${post_id}`)
} catch (error) {
console.log("Failed to delete post:" + error)
res.sendStatus(500)
}}
I'm receiving the logged in userId from an authenticator middleware:
module.exports = async (req, res, next) => {
try {
const jwtToken = req.header('token')
if (!jwtToken) {
return res.status(403).json('You are not authorized')
}
const payload = jwt.verify(jwtToken, process.env.jwtSecret)
req.users = payload.users
next();
} catch (error) {
console.error(error.message)
return res.status(403).json('You are not authorized')
}
}
It seems to me something is getting screwy with the logical AND operator in my PG request... any insight is greatly appreciated!
