fix: store token in header

api/auth/controllers/auth.controller.js

@@ -31,8 +31,7 @@ export const signup = async (req, res, next) => {
       process.env.JWT_SECRET
     );
 
-    res.status(201).cookie('access_token', token, {
-      httpOnly: true}).json({ message: "Anmeldung erfolgreich." });
+    res.status(201).json({ token, message: "Anmeldung erfolgreich." });
   } catch (err) {
     if (err.code === 11000) {
       if (err.keyPattern.username) {

api/post/utils/verifyUser.js

@@ -1,7 +1,9 @@
 import jwt from "jsonwebtoken";
 import { errorHandler } from "./error.js";
 export const verifyToken = (req, res, next) => {
-  const token = req.cookies.access_token;
+  if ( req.headers.authorization && req.headers.authorization.startsWith("Bearer")) {
+    const token = req.headers.authorization.split(" ")[1];
+  }
   if (!token) {
     return next(errorHandler(401, "Unauthorized"));
   }

client/src/pages/CreatePost.jsx

@@ -60,6 +60,7 @@ export default function CreatePost() {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
+          "Authorization": `Bearer ${localStorage.getItem('token')}`
         },
         body: JSON.stringify(formData),
       });

client/src/pages/SignIn.jsx

@@ -37,7 +37,7 @@ export default function SignIn() {
       const res = await fetch(`${baseUrl}/api/auth/signin`, {
         method: "POST",
         headers: {
-          "Content-Type": "application/json"
+          "Content-Type": "application/json",
         },
         body: JSON.stringify(formData),
       });
@@ -46,8 +46,6 @@ export default function SignIn() {
         dispatch(signInFailure(data.message));
       }
       if (res.ok) {
-
-        localStorage.setItem('token', data.token);
         dispatch(signInSuccess(data));
         localStorage.setItem('token', data.token);
         navigate("/");