Issue #64: FIX: delete route is now protected (!56) · Merge requests · simmctic / form-creator / form-creator-api

Richard Fernando Heise Ferreira requested to merge issue/64 into develop Jan 29, 2020

-FIX on delete route; now an user can only delete the information about himself, this goes through double verification: first the token validation middleware and second is a comparison between the ID on the route params and the ID on the validated token, which prevents an user deleting information other than his own.

Signed-off-by: RichardHeise rfhf19@inf.ufpr.br

Admin message

Issue #64: FIX: delete route is now protected

Merge request reports