From d68b39fb7d8176726f5dd2b1ca7a87159ec1be79 Mon Sep 17 00:00:00 2001
From: Dominik <szczepaniak.dominik98@gmail.com>
Date: Sun, 30 Dec 2018 19:58:24 +0100
Subject: [PATCH] Checking ID in a proper method.

---
 src/middlewares/checkOwnership.js | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/middlewares/checkOwnership.js b/src/middlewares/checkOwnership.js
index 65a9cde..43b89e8 100644
--- a/src/middlewares/checkOwnership.js
+++ b/src/middlewares/checkOwnership.js
@@ -1,7 +1,5 @@
 export default (req, res, next) => {
-    const { _id } = req.user;
-    const { id } = req.params;
-    if(_id == id) next();
+    if(req.user._id.equals(req.params.id)) next();
     else res.status(403).json({
         success: false,
         message: 'Access denied. User not permitted.'