From 104948f25ed38ef2ee354b271fb2368dca1b6c4d Mon Sep 17 00:00:00 2001
From: Mateja <mail@matejamaric.com>
Date: Thu, 29 Jul 2021 20:50:02 +0200
Subject: Add API endpoint for show paid orders to user.

Also, now all info in database is provided when authorized.
---
 server/controllers/transaction.js | 15 +++++----------
 server/routes/api.js              |  1 +
 2 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/server/controllers/transaction.js b/server/controllers/transaction.js
index 356672b..b8c2bf4 100644
--- a/server/controllers/transaction.js
+++ b/server/controllers/transaction.js
@@ -135,17 +135,12 @@ module.exports = {
 
   async showPaid(req, res) {
     const orders = await Order.find({status: 'paid'});
-    let formattedResponse = [];
-
-    orders.forEach(order => {
-      formattedResponse.push({
-        shipping: order.shipping,
-        items: order.items,
-        updatedAt: order.updatedAt
-      });
-    });
+    res.json(orders);
+  },
 
-    res.json(formattedResponse);
+  async showPaidByUser(req, res) {
+    const orders = await Order.find({status: 'paid', userId: req.user._id});
+    res.json(orders);
   }
 
 };
diff --git a/server/routes/api.js b/server/routes/api.js
index 0c73ec0..7bee7be 100644
--- a/server/routes/api.js
+++ b/server/routes/api.js
@@ -18,6 +18,7 @@ router.patch('/products/:id', isAuth, isAdmin, upload.single('image'), productsC
 router.delete('/products/:id', isAuth, isAdmin, productsController.destroy);
 
 router.get('/transactions/paid', isAuth, isAdmin, transactionController.showPaid);
+router.get('/transactions/personal', isAuth, transactionController.showPaidByUser);
 router.post('/transactions/setup', isAuth, transactionController.setup);
 router.post('/transactions/capture', isAuth, transactionController.capture);
 
-- 
cgit v1.2.3