Protect API endpoint for showing paid orders.

author: Mateja <mail@matejamaric.com> 2021-07-27 19:16:14 +0200
committer: Mateja <mail@matejamaric.com> 2021-07-27 19:16:14 +0200
commit: 10b0444eacee8e54c947a88b1cc27252666fe14c (patch)
tree: c2ebfc2c0922d39c6ed8bf472f6184763ab454ff /server
parent: 306c59e56c5038d13f94b9477bcdd060ab282ee6 (diff)
download: mevn-ecommerce-10b0444eacee8e54c947a88b1cc27252666fe14c.tar.gz
mevn-ecommerce-10b0444eacee8e54c947a88b1cc27252666fe14c.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/server/routes/api.js b/server/routes/api.js
index cf1d2d6..b680b70 100644
--- a/server/routes/api.js
+++ b/server/routes/api.js
@@ -17,7 +17,7 @@ router.post('/products', isAuth, isAdmin, upload.single('image'), productsContro
 router.patch('/products/:id', isAuth, isAdmin, upload.single('image'), productsController.update);
 router.delete('/products/:id', isAuth, isAdmin, productsController.destroy);
 
-router.get('/transactions/paid', transactionController.showPaid);
+router.get('/transactions/paid', isAuth, isAdmin, transactionController.showPaid);
 router.post('/transactions/setup', transactionController.setup);
 router.post('/transactions/capture', transactionController.capture);
author	Mateja <mail@matejamaric.com>	2021-07-27 19:16:14 +0200
committer	Mateja <mail@matejamaric.com>	2021-07-27 19:16:14 +0200
commit	10b0444eacee8e54c947a88b1cc27252666fe14c (patch)
tree	c2ebfc2c0922d39c6ed8bf472f6184763ab454ff /server
parent	306c59e56c5038d13f94b9477bcdd060ab282ee6 (diff)
download	mevn-ecommerce-10b0444eacee8e54c947a88b1cc27252666fe14c.tar.gz mevn-ecommerce-10b0444eacee8e54c947a88b1cc27252666fe14c.zip