constraints - n1lby73/industrial-IOT GitHub Wiki
Overview
The application includes before request functions to verify email status and user login state before accessing specific routes. These functions ensure that users have completed email verification and are using the correct HTTP methods based on their login status for particular endpoints.
The request functions are:
- verifyEmailRequest()
- verifyUserLogin()
Verify Email Request:
-
Overview
The
verifyEmailRequestfunction ensures that users accessing specific routes have completed email verification. -
Conditions
-
The function runs before requests to routes in verifyEmailRoute.
-
It checks if the user's email has been verified.
-
If email verification is incomplete, an error response is returned.
-
Status Code: 403 Forbidden
-
Response Body:
{ "error":"email verification not completed" }- Description: Indicates that the user's email verification is incomplete when accessing a route protected by verifyEmailRequest.
Note: To verify user email use this
-
-
- Affected Routes:
Verify user login:
-
Overview
The
verifyUserLoginfunction ensures that users accessing specific routes have appropriate login status. -
Checks:
-
For
PUTrequests: Verifies if the user is logged in and suggests using the PUT method for changing the password. -
For
GETrequests: Verifies if the user is logged out and suggests using the GET method to proceed with the password reset request.
-
- Affected Route:
Response:
-
Status Code: 401 Unauthorized
-
Response Body:
{ "Error": "User is logged in, use 'PUT' method." }- Description: Indicates that the user is logged in when accessing a route that requires a PUT method.
-
Status Code: 401 Unauthorized
-
Response Body:
{ "Error": "User is logged out, use 'GET' method." }- Description: Indicates that the user is logged out when accessing a route that requires a GET method.