From b06a1d3e88acea55db6218f45f149cf6ba2ebd83 Mon Sep 17 00:00:00 2001
From: JayWll <jaywll@outlook.com>
Date: Wed, 15 Jul 2020 16:26:27 -0600
Subject: [PATCH] Video 113: Authenticating User Endpoints

---
 task-manager/src/routers/user.js | 42 ++++++--------------------------
 1 file changed, 7 insertions(+), 35 deletions(-)

diff --git a/task-manager/src/routers/user.js b/task-manager/src/routers/user.js
index ac455d0..1958f98 100644
--- a/task-manager/src/routers/user.js
+++ b/task-manager/src/routers/user.js
@@ -53,23 +53,7 @@ router.get('/users/me', auth, async (req, res) => {
   res.send(req.user)
 })
 
-router.get('/users/:id', async (req, res) => {
-  const _id = req.params.id
-
-  try {
-    const user = await User.findById(_id)
-
-    if (!user) {
-      return res.status(404).send()
-    }
-
-    res.send(user)
-  } catch (e) {
-    res.status(500).send()
-  }
-})
-
-router.patch('/users/:id', async (req, res) => {
+router.patch('/users/me', auth, async (req, res) => {
   const updates = Object.keys(req.body)
   const allowedUpdates = ['name', 'email', 'password', 'age']
   const isValidOperation = updates.every((update) => allowedUpdates.includes(update))
@@ -79,30 +63,18 @@ router.patch('/users/:id', async (req, res) => {
   }
 
   try {
-    const user = await User.findById(req.params.id)
-
-    updates.forEach((update) => user[update] = req.body[update])
-    await user.save()
-
-    if (!user) {
-      return res.status(404).send()
-    }
-
-    res.send(user)
+    updates.forEach((update) => req.user[update] = req.body[update])
+    await req.user.save()
+    res.send(req.user)
   } catch (e) {
     res.status(400).send(e)
   }
 })
 
-router.delete('/users/:id', async (req, res) => {
+router.delete('/users/me', auth, async (req, res) => {
   try {
-    const user = await User.findByIdAndDelete(req.params.id)
-
-    if (!user) {
-      return res.status(404).send()
-    }
-
-    res.send(user)
+    await req.user.remove()
+    res.send(req.user)
   } catch (e) {
     res.status(500).send()
   }