• r

    rp

    2 years ago
    In which case, u don’t need to put the userId in the URL
  • r

    rp

    2 years ago
    and if u do that, u don’t need to have userId of the currently logged in user on the frontend
  • Sun Walker

    Sun Walker

    2 years ago
    That's half what I'm doing
  • Sun Walker

    Sun Walker

    2 years ago
    Currently if user makes request users/:userId/categories/:categoryId
  • Sun Walker

    Sun Walker

    2 years ago
    My api checks if userId === session.getUserId
  • Sun Walker

    Sun Walker

    2 years ago
    If not it throws 401 Unauthorized
  • Sun Walker

    Sun Walker

    2 years ago
    If it is, it allows the operation
  • r

    rp

    2 years ago
    I see
  • r

    rp

    2 years ago
    So in this case, why do u need to put the userId in the URL?
  • Sun Walker

    Sun Walker

    2 years ago
    I dont do I really