node_auth #230
mateacademy-ai-mentor
left a comment
Review Summary
I am requesting changes because there are a few critical issues that prevent the application from functioning as required. Great job on the overall structure, but let's fix these key items.
- Broken Login Flow: In src/controller/auth.controller.js, your loginUser function calls generateTokens (which sends a response) and then res.redirect(). This causes a "Cannot set headers after they are sent" error, breaking the login functionality. You must choose only one method to end the request.
- Missing Access Control: A core requirement is to protect routes based on authentication status. The registration, login, and password reset routes should be for non-authenticated users only, while the logout route must be restricted to authenticated users. This can be fixed by applying the correct middleware in src/router/auth.router.js.
- Unhandled Exception: The updateNameService in src/services/user.services.js will crash the server if a user with the given id is not found. Please add a check to ensure the user exists before attempting to modify their data.
Once these blockers are addressed, your project will be in excellent shape!
✨ Please rate this review in the Platform's notification center. I will be grateful for your feedback! ✨
Important
Fix the issues, commit the changes, and then re-request my review using the Re-request review button in the Reviewers tab.
Tip
If you have any comments about this review, please leave a message in the Add a comment section below and mention me with the @mateacademy-ai-mentor tag.
I will read your message during my next review of your pull request. Please do not reply directly to my comments, as that feature is not supported yet.
Caution
Do not close the pull request until the review is complete. Closing it early can lead to unexpected behavior and disrupt the review process.
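The first two points of the review above (one response per request, and guest-only versus authenticated-only routes) shown together as an added example; it is not code from this pull request. The names authOnly, guestOnly, issueTokens, req.loginUser, mockRes and runRoute, and the paths /profile and /login, are assumptions made for illustration.

```javascript
// Guards in Express middleware shape: (req, res, next).
// Assumption: an earlier middleware validates the token and sets req.user.
const authOnly = (req, res, next) =>
  req.user ? next() : res.status(401).json({ message: 'Unauthorized' });

const guestOnly = (req, res, next) =>
  req.user ? res.status(403).json({ message: 'Already signed in' }) : next();

// Hypothetical helper: attaches the token cookie but never ends the response.
function issueTokens(res, user) {
  res.cookie('refreshToken', `constructed-token-${user.id}`, { httpOnly: true });
}

// Assumption: credentials were verified earlier and the user placed on req.loginUser.
function loginUser(req, res) {
  issueTokens(res, req.loginUser);
  res.redirect('/profile'); // the only call that ends the request
}

function logout(req, res) {
  res.clearCookie('refreshToken');
  res.redirect('/login');
}

// Response double: like Node, it throws if a second response is sent.
function mockRes() {
  const res = { sent: null, cookies: {} };
  const end = (kind, value) => {
    if (res.sent) throw new Error('Cannot set headers after they are sent');
    res.sent = { status: res.statusCode || (kind === 'redirect' ? 302 : 200), kind, value };
    return res;
  };
  res.status = (code) => { res.statusCode = code; return res; };
  res.cookie = (name, value) => { res.cookies[name] = value; return res; };
  res.clearCookie = (name) => { delete res.cookies[name]; return res; };
  res.json = (body) => end('json', body);
  res.redirect = (url) => end('redirect', url);
  return res;
}

// Runs a route's chain as a router would; stops when a guard does not call next().
function runRoute(chain, req) {
  const res = mockRes();
  let i = 0;
  const next = () => { const fn = chain[i++]; if (fn) fn(req, res, next); };
  next();
  return res.sent;
}

const routes = { login: [guestOnly, loginUser], logout: [authOnly, logout] };
```

Because each guard either calls next() or sends a response, never both, a rejected request cannot reach the handler and trigger a second send.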
mateacademy-ai-mentor
left a comment
Review Summary
Great job addressing the critical issues from the last review! The application is much more stable, and the access control is correctly implemented. However, one change is needed before this can be approved. The login functionality no longer meets the requirement to redirect the user to their profile page after a successful login. In src/controller/auth.controller.js, the loginUser function currently sends a JSON response instead of performing a redirect. Please adjust this to ensure the user is redirected, similar to how the activateUser and logout functions work. Once that's fixed, your solution will be in great shape!
mateacademy-ai-mentor
left a comment
Review Summary
Excellent work on this project, and great job fixing the login redirect from the last review! Your code is very well-structured and meets almost all the requirements.
I am approving this submission to help you keep moving forward, but there is one small change needed to make it perfect. In src/controller/auth.controller.js, the resetPassword function currently sends a JSON response. According to the requirements, it should redirect to a success page. You can fix this by using res.redirect() to send the user to a page that confirms their password has been changed, similar to how you handle redirects after login or activation.
Overall, this is a fantastic submission. Keep up the great work!
| user.resetToken = null; | ||
| await user.save(); | ||
|
|
||
| res.json({ message: 'Password changed' }); |
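Review bot: between await user.save() and res.json({ message: 'Password changed' }) the handler clears resetToken, but nothing in the visible lines revokes sessions issued under the old password. If refresh tokens are stored per user, delete them before responding, so that a reset also signs out any device still holding a token obtained with the previous password.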
According to the requirements, the application should "Show Success page with a link to login" after a successful password reset. Currently, this function sends a JSON response. Please update this to redirect the user to a success page, similar to how redirects are handled in the activateUser and loginUser functions.
req met