World Membership
The worldMembership.controller.ts file manages user memberships within worlds, including retrieving all members, fetching a user's membership, and updating member roles. These endpoints allow for viewing and managing world membership and roles.
Note: All world membership routes use the
requireAuthmiddleware to ensure the user is authenticated. ThePATCH /api/membership/:idroute also uses therequireRolemiddleware to restrict access to users with the OWNER role. For more details, see the requireAuth and requireRole documentation.
Key Functions
getAllMemberships
Retrieves all members of a specific world, including their usernames and the world's join code.
Flow:
- Extracts the
idparameter from the request at/api/membership/all/:id(whereidis the world ID). - Queries the database for all memberships in the specified world, including usernames.
- Retrieves the join code for the world.
- Returns a JSON response with the join code and member list.
getWorldMembership
Retrieves the authenticated user's membership for a specific world.
Flow:
- Extracts the
idparameter from the request at/api/membership/:id(whereidis the world ID). - Uses the authenticated user's ID from the JWT payload.
- Queries the database for the user's membership in the specified world, including world details.
- Returns a JSON response with the membership data.
updateMemberRole
Updates the role of a member in a specific world (OWNER only).
Flow:
- Extracts the
idparameter from the request at/api/membership/:id(whereidis the world ID). - Reads
roleanduserIdfrom the request body. - Updates the member's role in the database.
- Returns a success response.
Routes
The following routes are defined in worldMembership.routes.ts and connect HTTP requests to the corresponding controller functions:
| Method | Path | Description | Controller Function | Middleware |
|---|---|---|---|---|
| GET | /api/membership/all/:id | Get all members and join code for a world | getAllMemberships | requireAuth |
| GET | /api/membership/:id | Get authenticated user's membership for a world | getWorldMembership | requireAuth |
| PATCH | /api/membership/:id | Update a member's role in a world | updateMemberRole | requireAuth, requireRole("OWNER") |
Error Handling
- Returns
400 Bad Requestfor missing or invalid data. - Returns
403 Forbiddenif the user is not authorized to update roles. - Returns
500 Internal Server Errorfor unexpected errors.
Example Requests & Responses
Get All Memberships
Request:
GET /api/membership/all/world123
Cookie: token=<JWT_TOKEN>
Successful Response:
{
"code": { "code": "abc123" },
"members": [
{ "user": { "username": "player1" } },
{ "user": { "username": "player2" } }
// ...more members
]
}
Get World Membership
Request:
GET /api/membership/world123
Cookie: token=<JWT_TOKEN>
Successful Response:
{
"membership": {
"role": "MEMBER",
"world": {
"id": "world123",
"name": "Adventure Realm"
}
}
}
Update Member Role
Request:
PATCH /api/membership/world123
Content-Type: application/json
Cookie: token=<JWT_TOKEN>
{
"userId": "user456",
"role": "ADMIN"
}
Successful Response:
{
"success": true
}
Usage Instructions
- View All Members:
UseGET /api/membership/all/:idto see all members and the join code for a world. - View Your Membership:
UseGET /api/membership/:idto see your membership details for a world. - Update Member Role:
UsePATCH /api/membership/:idto change a member's role (OWNER only).
Dependencies
- Express: Handles HTTP requests and responses.
- Prisma: ORM for database