fix security check

app/passport/passportFunctions.ts

@@ -97,7 +97,7 @@ function loggedIn() {
             next();
         } else {
             let message = "Vous n'êtes pas connecté";
-            res.redirect(`/login?message=${message}`, {title: "Connexion"});
+            res.redirect(`/login?message=${message}`);
         }
     };
 }

app/routes/MainRouter.ts

@@ -7,7 +7,7 @@ import {createCSRFToken} from "../middlewares/CSRFMiddlewares";
 const {v4: uuidv4} = require("uuid");
 const session = require("express-session");
 const FileStore = require("session-file-store")(session);
-const {passport, checkRole} = require("../passport/passportFunctions");
+const {passport, checkRole, checkRoleTwoProfile} = require("../passport/passportFunctions");
 
 export const defaultRouter = Router();
 
@@ -60,8 +60,8 @@ defaultRouter.post("/canditature/:numero", checkRole("Candidat"), upload.fields(
     {name: 'cv', maxCount: 1},
     {name: 'lettre', maxCount: 1}
 ]), CandidatureController.candidater);
-defaultRouter.get("/candidature/:email/:numero", CandidatureController.candidature);
-defaultRouter.get("/download/:id", CandidatureController.getFile);
+defaultRouter.get("/candidature/:email/:numero", checkRoleTwoProfile("Candidat", "Recruteur"), CandidatureController.candidature);
+defaultRouter.get("/download/:id", checkRoleTwoProfile("Candidat", "Recruteur"), CandidatureController.getFile);
 
 
 defaultRouter.post(

app/routes/OfferRouter.ts

@@ -8,4 +8,4 @@ offerRouter.use(passport.initialize());
 offerRouter.use(passport.session());
 offerRouter.get("/creation", checkRole("Recruteur"), OfferController.creation);
 offerRouter.post("/creation", checkRole("Recruteur"), OfferController.creation);
-offerRouter.get("/:numero", OfferController.offre);
+offerRouter.get("/:numero", loggedIn(), OfferController.offre);