Extracted user id from the jwt for delete all

src/routes/notification.js

@@ -72,16 +72,40 @@ router.delete("/delete/:id", async (req, res) => {
 
 });
 
-router.delete("/delete/all/:id", async (req, res) => {
+router.delete("/delete/all", async (req, res) => {
   // delete all the notifications
   // grab the user id
   // delete on the database
   try {
-    const notifications = await Notification.deleteMany({ user_id: req.params.id })
-    if (!notifications) {
-      return res.status(404).send();
+    // Get the JWT secret from the environment variables
+    const secretKey = process.env.JWT_SECRET;
+
+    // If this is not set we want to throw an error as this is required to retrieve the user
+    // id from the provided token.
+    if (secretKey == null) {
+      console.error('JWT_SECRET is not set in the environment variables');
+      return res.status(500).send("JWT_SECRET is not set in the environment variables");
     }
-    res.send(notifications);
+
+    // Get the token from the request headers
+    const token = req.headers.authorization.split(" ")[1];
+
+    // Decode this token with the secret key
+    const payload = jwt.decode(token, secretKey, false, jwtAlgorithm);
+
+    // Get the user id from the decoded token payload.
+    const userId = payload.id;
+
+    console.log("deleting all notifications for user: " + userId)
+
+    const notifications = await Notification.deleteMany({ user_id: userId })
+
+    // If the delete was not successful send a 500 error.
+    if (!notifications.acknowledged) {
+      return res.status(500).send();
+    }
+
+    res.status(200);
   } catch (error) {
     res.status(500).send(error);
   }