Discussion on: Set up JWT authentication in MERN from scratch

Jeffrey Yu • Edited

/user/info should pass through the auth middleware and I just added it. The auth middleware decodes the user payload in the JWT to req.user, and the fetched user info should have the same user id as req.user.id.

Essentially a user can only get the user info with a given token, not an id.
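
The token-bound lookup described in the comment above, as an added example that is not part of the original post or the tutorial's code. The `x-auth-token` header name, the `{ user: { id } }` payload shape, the secret, the in-memory user table and the `callUserInfo` mock-request helper are all assumptions made for illustration; HS256 is verified with Node's built-in `crypto` so the block runs without Express or a JWT library.

```javascript
// Added example: /user/info resolves the user from the verified token only.
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret';           // constructed value
const USERS = {                                     // constructed in-memory "database"
  u1: { id: 'u1', email: 'alice@example.test' },
  u2: { id: 'u2', email: 'bob@example.test' },
};

const b64url = (v) => Buffer.from(v).toString('base64url');
const mac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

// Issue an HS256 token; the payload shape { user: { id } } is an assumption.
function signToken(userId) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ user: { id: userId } }));
  return `${head}.${body}.${b64url(mac(`${head}.${body}`))}`;
}

// Auth middleware: verify the signature, then expose the payload's user as req.user.
function auth(req, res, next) {
  const [head, body, sig] = String(req.headers['x-auth-token'] || '').split('.');
  if (!head || !body || !sig) return res.status(401).json({ msg: 'No valid token' });
  const given = Buffer.from(sig, 'base64url');
  const expected = mac(`${head}.${body}`);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return res.status(401).json({ msg: 'Token is not valid' });
  }
  req.user = JSON.parse(Buffer.from(body, 'base64url').toString()).user;
  next();
}

// Handler: the id comes from the verified token only; req.query.id is never read.
function userInfo(req, res) {
  const user = USERS[req.user.id];
  return user ? res.json(user) : res.status(404).json({ msg: 'User not found' });
}

// Run middleware + handler against a mock request (stand-in for Express routing).
function callUserInfo(token, query = {}) {
  const out = { code: 200, body: null };
  const res = { status(c) { out.code = c; return res; }, json(b) { out.body = b; return res; } };
  const req = { headers: { 'x-auth-token': token }, query };
  auth(req, res, () => userInfo(req, res));
  return out;
}
```

The example leaves out expiry (`exp`) checking to stay focused on the id binding; a production middleware would reject expired tokens as well.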