Skip to content

fix(public): fix self-view tracking logic in profile and card view handlers#294

Merged
Harxhit merged 5 commits into
Dev-Card:mainfrom
hariom888:fix-profile-self-view-tracking
Jun 18, 2026
Merged

fix(public): fix self-view tracking logic in profile and card view handlers#294
Harxhit merged 5 commits into
Dev-Card:mainfrom
hariom888:fix-profile-self-view-tracking

Conversation

@hariom888

@hariom888 hariom888 commented May 23, 2026

Copy link
Copy Markdown
Contributor

Problem

In apps/backend/src/routes/public.ts, when an authenticated owner views their own profile, viewerId was left as null (not set to their id). The guard if (viewerId !== user.id) then evaluates null !== user.id which is always true, so the self-view was
recorded in cardView anyway. This silently inflated totalViews and uniqueViewers on the analytics dashboard.

Fix

Introduced an explicit isSelfView boolean flag in both the /:username and /:username/card/:cardId handlers. When the decoded JWT id matches user.id, isSelfView is set to true and viewerId stays null. The guard is changed from viewerId !== user.id to !isSelfView, which correctly blocks the insert for authenticated owners while still tracking unauthenticated views with viewerId: null.

Affected handlers

  • GET /:username
  • GET /:username/card/:cardId

Testing

  • Authenticated owner viewing own profile → cardView.create NOT called
  • Authenticated other user viewing profile → cardView.create called with their id
  • Unauthenticated request → cardView.create called with viewerId: null

Closes #203

@Harxhit Harxhit added the gssoc:approved Required label for every approved PR. Gives the base +50 points and enables contribution tracking. label May 23, 2026
@Prince2301p

Prince2301p commented May 24, 2026

Copy link
Copy Markdown

Hi,
I would like to work on resolving this issue. Please assign it to me. I’m a participant in GSSoC 2026 and would be happy to contribute.
Looking forward to collaborating with you.

ShantKhatri
ShantKhatri requested changes May 28, 2026
View reviewed changes
Comment thread apps/backend/src/routes/public.ts
@hariom888 hariom888 force-pushed the fix-profile-self-view-tracking branch from c3ea871 to 2afa258 Compare May 28, 2026 20:05
@hariom888

hariom888 commented May 28, 2026

Copy link
Copy Markdown
Contributor Author

@ShantKhatri Done, reverted all unintended formatting changes. Only the isSelfView logic remains.

@ShantKhatri ShantKhatri requested a review from Harxhit June 6, 2026 16:59
ShantKhatri
ShantKhatri approved these changes Jun 6, 2026
View reviewed changes

@ShantKhatri ShantKhatri left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! @Harxhit, you can have the final review.

@Harxhit

Harxhit commented Jun 16, 2026

Copy link
Copy Markdown
Collaborator

Please resolve the merge conflicts and pin me our pr-review channel.

@hariom888
Merge branch 'main' into fix-profile-self-view-tracking
40b6935 
Signed-off-by: hariom888 <hariom880088@gmail.com>
@vercel

vercel Bot commented Jun 17, 2026

Copy link
Copy Markdown

@hariom888 is attempting to deploy a commit to the Prashantkumar Khatri's projects Team on Vercel.

A member of the Team first needs to authorize it.

@github-actions

github-actions Bot commented Jun 17, 2026
edited
Loading

Copy link
Copy Markdown

CI — All Checks Passed

Backend — PASS

Check Result
Lint PASS
Test PASS
Typecheck PASS

Mobile — SKIP

Check Result
Lint -
Test -

Web — SKIP

Check Result
Build -

Last updated: Wed, 17 Jun 2026 20:48:34 GMT

Harxhit
Harxhit approved these changes Jun 18, 2026
View reviewed changes

@Harxhit Harxhit left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.Approving

@Harxhit Harxhit merged commit ba56e95 into Dev-Card:main Jun 18, 2026
5 of 6 checks passed
@github-actions

github-actions Bot commented Jun 18, 2026

Copy link
Copy Markdown

Congratulations @hariom888 on getting PR #294 merged!

Thank you for your contribution to the project.

To receive the appropriate GSSoC labels and recognition, please mention @Harxhit in the #get-labels channel on our Discord server and share your merged PR link.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Harxhit Harxhit Harxhit approved these changes

@ShantKhatri ShantKhatri ShantKhatri approved these changes

Assignees

No one assigned

Labels

gssoc:approved Required label for every approved PR. Gives the base +50 points and enables contribution tracking.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Profile view tracking incorrectly records owner's own views when unauthenticated — viewerId !== user.id is always true when viewerId is null

4 participants

@hariom888 @Prince2301p @Harxhit @ShantKhatri