Skip to content

Commit a1d4893

Browse files
rickkohrickkoh
committed
Add authorization token to API requests for security
1 parent 4d3a225 commit a1d4893

File tree

1 file changed

+19
-0
lines changed

1 file changed

+19
-0
lines changed

frontend/src/services/questionService.ts

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
"use server";
22

3+
import { getAccessToken } from "@/lib/auth";
34
import { CategoriesResponse, CategoriesResponseSchema } from "@/types/Category";
45
import {
56
Question,
@@ -17,12 +18,15 @@ import { cache } from "react";
1718

1819
export async function getQuestion(slug: string): Promise<QuestionResponse> {
1920
try {
21+
const access_token = await getAccessToken();
22+
2023
const res = await fetch(
2124
process.env.PUBLIC_API_URL + `/api/questions/${slug}`,
2225
{
2326
method: "GET",
2427
headers: {
2528
"Content-Type": "application/json",
29+
Authorization: `Bearer ${access_token}`,
2630
},
2731
}
2832
);
@@ -44,13 +48,16 @@ export async function getQuestions(): Promise<QuestionsResponse> {
4448
});
4549

4650
try {
51+
const access_token = await getAccessToken();
52+
4753
const res: Response = await fetch(
4854
process.env.PUBLIC_API_URL + `/api/questions?${query}`,
4955
{
5056
cache: "no-cache",
5157
method: "GET",
5258
headers: {
5359
"Content-Type": "application/json",
60+
Authorization: `Bearer ${access_token}`,
5461
},
5562
}
5663
);
@@ -69,13 +76,16 @@ export async function getQuestions(): Promise<QuestionsResponse> {
6976
export const getQuestionCategories = cache(
7077
async function (): Promise<CategoriesResponse> {
7178
try {
79+
const access_token = await getAccessToken();
80+
7281
const res: Response = await fetch(
7382
process.env.PUBLIC_API_URL + `/api/questions/categories`,
7483
{
7584
cache: "no-cache",
7685
method: "GET",
7786
headers: {
7887
"Content-Type": "application/json",
88+
Authorization: `Bearer ${access_token}`,
7989
},
8090
}
8191
);
@@ -96,12 +106,15 @@ export async function createQuestion(
96106
question: NewQuestion
97107
): Promise<QuestionResponse> {
98108
try {
109+
const access_token = await getAccessToken();
110+
99111
const res = await fetch(
100112
process.env.PUBLIC_API_URL + "/api/questions/create",
101113
{
102114
method: "POST",
103115
headers: {
104116
"Content-Type": "application/json",
117+
Authorization: `Bearer ${access_token}`,
105118
},
106119
body: JSON.stringify(question),
107120
}
@@ -122,10 +135,13 @@ export async function createQuestion(
122135

123136
export async function deleteQuestion(questionId: string): Promise<void> {
124137
try {
138+
const access_token = await getAccessToken();
139+
125140
await fetch(process.env.PUBLIC_API_URL + `/api/questions/${questionId}`, {
126141
method: "DELETE",
127142
headers: {
128143
"Content-Type": "application/json",
144+
Authorization: `Bearer ${access_token}`,
129145
},
130146
});
131147

@@ -137,13 +153,16 @@ export async function editQuestion(
137153
question: Question
138154
): Promise<QuestionResponse> {
139155
try {
156+
const access_token = await getAccessToken();
157+
140158
const updatedQuestion = NewQuestionSchema.parse(question);
141159
const res = await fetch(
142160
process.env.PUBLIC_API_URL + `/api/questions/${question._id}`,
143161
{
144162
method: "PATCH",
145163
headers: {
146164
"Content-Type": "application/json",
165+
Authorization: `Bearer ${access_token}`,
147166
},
148167
body: JSON.stringify(updatedQuestion),
149168
}

0 commit comments

Comments
 (0)