Implement fix for security flaw 1

Melimet · Melimet · commit 9c597471fc11 · 2023-02-01T12:40:09.000+02:00
diff --git a/backend/package-lock.json b/backend/package-lock.json
diff --git a/backend/package.json b/backend/package.json
@@ -7,13 +7,15 @@
     "test": "echo \"Error: no test specified\" && exit 1",
     "ts-node": "ts-node",
     "tsc": "tsc",
-    "dev": "ts-node-dev src/index.ts"
+    "prod": "cross-env NODE_ENV=production ts-node src/index.ts",
+    "dev": "cross-env NODE_ENV=development ts-node-dev src/index.ts"
   },
   "author": "",
   "license": "ISC",
   "devDependencies": {
     "@types/cors": "^2.8.12",
     "@types/express": "^4.17.14",
+    "cross-env": "^7.0.3",
     "ts-node": "^10.9.1",
     "ts-node-dev": "^2.0.0",
     "typescript": "^4.9.3"
diff --git a/backend/src/routes/user.ts b/backend/src/routes/user.ts
@@ -1,12 +1,12 @@
-import express from "express";
-import { getUsers } from "../services/userService";
+import express from "express"
+import { getUsers } from "../services/userService"
 
 const userRouter = express.Router()
 
-//TODO: TEST USE ONLY, DONT PUT IN PRODUCTION!!!!!!
-userRouter.get('/', (_request, response) => {
-  const users = getUsers()
-  return response.json(users)
-})
-
+//if (process.env.NODE_ENV === "development" || process.env.NODE_ENV === "test") {
+  userRouter.get("/", (_request, response) => {
+    const users = getUsers()
+    return response.json(users)
+  })
+//}
 export { userRouter }
