Tell us what’s happening:
FCC Test failed with timeout 
You can send a DELETE request to /api/replies/{board} and pass along the thread_id, reply_id, & delete_password.
Returned will be the string incorrect password or success.
On success, the text of the reply_id will be changed to [deleted]. (Test timed out)
Only that test fail with a timeout, as you can see on the screenshot. I tried to optimize my code, but still, unable to validate it.
Your code so far
app.route('/api/replies/:board').delete((req, res) => {
const thread_id = req.body.thread_id
const reply_id = req.body.reply_id
const delete_password = req.body.delete_password
if (isNotClear(req.body) || _.isNil(thread_id) || _.isNil(reply_id) || _.isNil(delete_password)) {
console.error("[Error with request body]")
return res.json({error:true, message:'Error with the request body'})
}
ThreadModel.findById({_id: thread_id}, (err, thread) => {
if (err) {
console.error('[Error while finding thread]', err)
return res.send('incorrect password')
}
const replyIndex = thread.replies.findIndex(reply => reply._id.toString() === reply_id)
const reply = thread.replies[replyIndex]
if (_.isNil(reply)) {
console.error('[Error while reply thread]', err)
return res.send('incorrect password')
}
bcrypt.compare(delete_password, reply['delete_password'], (err, result) => {
if (err || result === false) {
console.error('[Error: incorrect password]', err)
return res.send('incorrect password')
}
thread.replies[replyIndex].text = '[deleted]'
thread.save().then(result => {
console.log('Reply successfully deleted');
return res.send('success');
}).catch(err => {
console.error('[Error: while deleting reply]', err);
return res.send('incorrect password');
})
});
});
})
Your project link(s)
solution: https://replit.com/@m2farah/fcc-information-security-project2-anonymous-message-board
Your browser information:
User Agent is: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Challenge: Anonymous Message Board
Link to the challenge:
