Saturday, 6 May 2017

user authentication with equals()

I have made a blog in which there are users who can make a post. And i have it so that is a person has made a post only they can delete or edit it but i want to have an account witch will be they ADMIN account and with that account the can delete and edit every blog post they want. I have made a function called

checkBlogOwnership

and i add it to the routes that i want to have this feature (usually :/blogs/:id)

function checkBlogOwnership(req, res, next) {
if(req.isAuthenticated()){
    Blog.findById(req.params.id, function(err, foundBlog){
       if(err){
           res.redirect("back");
       }  else {
           // does user own the campground?
        if(foundBlog.author.id.equals(req.user._id)) {
            next();
        } else {
            res.redirect("back");
        }
       }
    });
} else {
    res.redirect("back");
}
};

what i want is something in this line :

if(foundBlog.author.id.equals(req.user._id)) {

that will add a specific user id (in this case: 590da36125f46404d8316a7c) and i will be able to change anything i want



via fanis theologiths

No comments:

Post a Comment