When multiple users are concurrently accessing this API, the response is getting mixed up. User-1 is getting user-2's response.
I believe this is happening due to something I am globally using in the below code.
Please help me sort this out.
const codeModel = async (req, res) => {
let connection;
try {
connection = await oracledb.getConnection("MS");
let lastCodeSQL = `perfectly running sql query with properly binding params)`;
let bind = [
req.header.USERNAME,
req.body.C_ID,
req.body.S_ID,
req.body.Q_ID,
];
const lastCodeSQLres = await connection.execute(lastCodeSQL, bind);
res.json(lastCodeSQLres);
connection.release();
} catch (err) {
logger.info(err);
} finally {
try {
if (connection) {
await connection.close(); // Ensure connection release
}
} catch (err) {
logger.error("Error closing connection:", err);
}
}
};
i have the below code in my application. Is there any scope of variables being global ?
let bind = {
userid: {
dir: oracledb.BIND_IN,
val: username.toLowerCase(),
type: oracledb.STRING,
},
c_id: {
dir: oracledb.BIND_IN,
val: cont,
type: oracledb.NUMBER,
},
q_id: {
dir: oracledb.BIND_IN,
val: quest,
type: oracledb.STRING,
},
a_q: {
dir: oracledb.BIND_IN,
val: sql,
type: oracledb.STRING,
},
q_output: {
dir: oracledb.BIND_IN,
val: JSON.stringify(something),
type: oracledb.STRING,
},
};
Here is my middleware.
let authentication=req.headers.authtoken;
const data=jsonwebtoken.verify(authentication,authString);
req.header.USERNAME = data.user.EMAIL;
Indeed there is
something I am globally using:
req.header is a function, more precisely, an alias for req.get. This function exists only once inside the Express closure, therefore the statement
req.header.USERNAME = data.user.EMAIL;
in your middleware always writes to the same property, independently of the request req currently being processed. In other words: The email of user 2 overwrites the email of user 1, leading exactly to the behavior that you observe.
Write
req.USERNAME = data.user.EMAIL;
instead.