Step 8
Let's update the "notes" route handlers to be consistent with our changes to server/routes/users.js.
const express = require("express");
const NoteDao = require("../data/NoteDao");
const ApiError = require("../model/ApiError");
const { verifyToken, parseBearer, decodeToken } = require("../util/token");
const router = express.Router();
const notes = new NoteDao();
const checkToken = async (req, res, next) => {
const { authorization } = req.headers;
const token = authorization ? parseBearer(authorization) : "";
const valid = await verifyToken(token);
if (!valid) {
next(new ApiError(403, "You are not authorized to perform this action."));
}
req.user = decodeToken(token);
next();
};
router.get("/api/notes", checkToken, async (req, res, next) => {
try {
const { query } = req.query;
const data = await notes.readAll(req.user.sub, query);
res.json({ data: data ? data : [] });
} catch (err) {
next(err);
}
});
router.get("/api/notes/:id", checkToken, async (req, res, next) => {
try {
const { id } = req.params;
const data = await notes.read(req.user.sub, id);
res.json({ data });
} catch (err) {
next(err);
}
});
router.post("/api/notes", checkToken, async (req, res, next) => {
try {
const { title, text } = req.body;
const data = await notes.create({ title, text, author: req.user.sub });
res.status(201).json({ data });
} catch (err) {
next(err);
}
});
router.delete("/api/notes/:id", checkToken, async (req, res, next) => {
try {
const { id } = req.params;
const data = await notes.delete(req.user.sub, id);
res.json({ data });
} catch (err) {
next(err);
}
});
router.put("/api/notes/:id", checkToken, async (req, res, next) => {
try {
const { id } = req.params;
const { title, text } = req.body;
if (!title && !text) {
throw new ApiError(400, "You must provide at least one note attribute!");
}
const data = await notes.update(req.user.sub, id, { title, text });
res.json({ data });
} catch (err) {
next(err);
}
});
module.exports = router;