radziel/spotlightcam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add match slugs for security and fix message history loading

Browse Source 
Security improvements:
- Add random CUID slugs to Match model to prevent ID enumeration attacks
- Update all match URLs from /matches/:id to /matches/:slug
- Keep numeric IDs for internal Socket.IO operations only

Backend changes:
- Add slug field to matches table with unique index
- Update all match endpoints to use slug-based lookups (GET, PUT, DELETE)
- Add GET /api/matches/:slug/messages endpoint to fetch message history
- Include matchSlug in all Socket.IO notifications

Frontend changes:
- Update all match routes to use slug parameter
- Update MatchesPage to use slug for accept/reject/navigate operations
- Update MatchChatPage to fetch match data by slug and load message history
- Update RatePartnerPage to use slug parameter
- Add matchesAPI.getMatchMessages() function

Bug fixes:
- Fix MatchChatPage not loading message history from database on mount
- Messages now persist and display correctly when users reconnect
This commit is contained in:
Radosław Gierwiało
2025-11-14 22:22:11 +01:00
parent 4a3e32f3b6
commit c2010246e3
8 changed files with 201 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/src/pages/RatePartnerPage.jsx
View File

@@ -5,7 +5,7 @@ import { mockUsers } from '../mocks/users';
import { Star } from 'lucide-react';
const RatePartnerPage = () => {
const { matchId } = useParams();
const { slug } = useParams();
const navigate = useNavigate();
const [rating, setRating] = useState(0);
const [hoveredRating, setHoveredRating] = useState(0);