• r

    rp

    2 years ago
    cool!
  • Sun Walker

    Sun Walker

    2 years ago
    @rp I did this instead incase anyone wanted another way
    req: Request & { session: Session },
  • r

    rp

    2 years ago
    yea. this makes sense!
  • Sun Walker

    Sun Walker

    2 years ago
    In my secureRoutesMiddleware above I do
    req.session = session
    , would it be secure to also do
    req.currentUserId = session.getUserId()
    or is it a security risk to use it in my code like this
    if (req.currentUserId === 'foo'){ return 'bar' }
    ?
  • r

    rp

    2 years ago
    No that’s fine. No security issue
  • r

    rp

    2 years ago
    U can do that.
  • r

    rp

    2 years ago
    But you could also just do req.session.getUserId(). This is super efficient cause it’s just reading from a variable in the session object.
  • Sun Walker

    Sun Walker

    2 years ago
    I see!
  • r

    rp

    2 years ago
    hey @User !
  • n

    nkshah2

    2 years ago
    !d bump