Member-only story
Secure Todos Rest APIs with JWT Authentication — Part 9
For this series, I’m following an excellent video tutorial from Traversy Media
Introduction
In our ongoing journey to fortify the security of our application, we revisit the protect middleware introduced in our previous blog. This middleware, a key component in safeguarding our routes, ensures that only authenticated users can access the todos functionality. In this post, we'll dive into the integration of this middleware within the todoRoutes.js file.
Integrate Protect Middleware
We’ll use the protect middleware we created in the previous blog to secure the todos routes.
In the todoRoutes.js file, we'll import it and use it like this.
...
const { protect } = require("../middleware/authMiddleware");
router.route("/").get(protect, getTodos).post(protect, setTodo);
router.route("/:id").put(protect, updateTodo).delete(protect, deleteTodo);
...Set User Todo
Previously we added a function setTodo in todosController but it only saved todos in the database without any user.
Now we want to store todos respective to the user.
const setTodo = asyncHanlder(async (req, res) => {
// ... existing…
