mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-27 03:58:02 -05:00
MediaController: Double-check that req.user is defined
TokenAuthGuard ensures that req.user is always defined, but thanks to strict mode we have to check again. In the future, we may add a custom Request type and a custom param decorator to centralize the check. Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
parent
ace1b7fad6
commit
16ed12bfd7
1 changed files with 8 additions and 0 deletions
|
@ -94,6 +94,10 @@ export class MediaController {
|
|||
@UploadedFile() file: MulterFile,
|
||||
@Headers('HedgeDoc-Note') noteId: string,
|
||||
): Promise<MediaUploadUrlDto> {
|
||||
if (!req.user) {
|
||||
// We should never reach this, as the TokenAuthGuard handles missing user info
|
||||
throw new InternalServerErrorException('Request did not specify user');
|
||||
}
|
||||
const username = req.user.userName;
|
||||
this.logger.debug(
|
||||
`Recieved filename '${file.originalname}' for note '${noteId}' from user '${username}'`,
|
||||
|
@ -130,6 +134,10 @@ export class MediaController {
|
|||
@Req() req: Request,
|
||||
@Param('filename') filename: string,
|
||||
): Promise<void> {
|
||||
if (!req.user) {
|
||||
// We should never reach this, as the TokenAuthGuard handles missing user info
|
||||
throw new InternalServerErrorException('Request did not specify user');
|
||||
}
|
||||
const username = req.user.userName;
|
||||
try {
|
||||
this.logger.debug(
|
||||
|
|
Loading…
Reference in a new issue