Auth Function [signToken] - Parameter missing

Description

function signToken(id) {
  return jwt.sign({ _id: id }, config.secrets.session, { expiresInMinutes: 60*5 });
}

function signToken(id, role) {
  return jwt.sign({ _id: id, role: role }, config.secrets.session, { expiresInMinutes: 60*5 });
}

function setTokenCookie(req, res) {
  if (!req.user) return res.json(404, { message: 'Something went wrong, please try again.'});
  var token = signToken(req.user._id, req.user.role);
  res.cookie('token', JSON.stringify(token));
  res.redirect('/');
}

Contributor guide

Tech stack

javascriptnodejsexpressangular

Domain

backendauthentication

Issue type

bug

DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.

1

Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.

under 1 hour

Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.

stale

ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.

clear

Prerequisites

basic JavaScriptunderstanding of JWT

Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.

95

Research direction

In server/auth/auth.service.js around line 59, modify the signToken function to accept a 'role' parameter and include it in the JWT payload. Update the function signature and the jwt.sign call as shown in the issue description. Ensure all callers pass the role argument; they already do as per the example in setTokenCookie.