From 8cff63a0a7a6d146851170307ea312dcb4be68b8 Mon Sep 17 00:00:00 2001 From: Evert Prants Date: Sat, 26 Mar 2022 09:22:14 +0200 Subject: [PATCH] fixes --- src/fe/scss/_modal.scss | 2 ++ src/main.ts | 5 ++++ .../oauth2/adapter/access-token.adapter.ts | 4 +++ .../features/oauth2/adapter/client.adapter.ts | 5 ++++ .../features/oauth2/adapter/code.adapter.ts | 4 +++ .../oauth2/adapter/refresh-token.adapter.ts | 4 +++ .../features/oauth2/adapter/user.adapter.ts | 10 +++++++ .../features/settings/settings.controller.ts | 29 ++++++++++--------- 8 files changed, 49 insertions(+), 14 deletions(-) diff --git a/src/fe/scss/_modal.scss b/src/fe/scss/_modal.scss index 16193d4..03aef56 100644 --- a/src/fe/scss/_modal.scss +++ b/src/fe/scss/_modal.scss @@ -47,12 +47,14 @@ align-items: center; justify-content: space-between; border-bottom: 1px solid var(--main-darker); + font-size: 1.5rem; &-button .btn { min-width: initial; font-weight: bold; font-size: 2rem; padding: 0 0.65rem; + text-decoration: none; } } } diff --git a/src/main.ts b/src/main.ts index 2f907d3..dba9d5c 100644 --- a/src/main.ts +++ b/src/main.ts @@ -21,6 +21,11 @@ async function bootstrap() { // app.use(express.urlencoded()); // app.use(cookieParser()); + // Production servers have to be behind a proxy. + if (process.env.NODE_ENV === 'production') { + app.set('trust proxy'); + } + app.use( session({ secret: process.env.SESSION_SECRET, diff --git a/src/modules/features/oauth2/adapter/access-token.adapter.ts b/src/modules/features/oauth2/adapter/access-token.adapter.ts index c4e6229..f2e4bf9 100644 --- a/src/modules/features/oauth2/adapter/access-token.adapter.ts +++ b/src/modules/features/oauth2/adapter/access-token.adapter.ts @@ -52,6 +52,10 @@ export class AccessTokenAdapter implements OAuth2AccessTokenAdapter { OAuth2TokenType.ACCESS_TOKEN, ); + if (!find) { + return null; + } + return { ...find, client_id: find.client.client_id, 
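Review bot: In the src/main.ts hunk, `app.set('trust proxy');` passes no value, and Express treats a one-argument `set` as a read of the setting, so the production branch most likely leaves proxy trust switched off. That affects the `session(...)` call directly below: behind a TLS-terminating proxy the request is not seen as secure and the client address is the proxy's, which matters for a secure session cookie (if one is configured) and for IP-based logging or rate limiting. Pass an explicit value that matches the deployment, e.g. `app.set('trust proxy', 1);` for a single proxy hop, rather than `true`, which would accept `X-Forwarded-*` headers from any client able to reach the app directly. bootstrap() starts and ends outside the hunk.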
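Review bot: The new `if (!find) { return null; }` guard in access-token.adapter.ts handles a missing row but not a missing relation, because the lines after it still read `find.client.client_id`, which throws if `client` was not loaded or has been removed. The refresh-token adapter hunk has the same shape, so `if (!find || !find.client) { return null; }` would be the safer guard in both. The identical guard is also added in the client, code and user adapter hunks. For all of them, confirm that the declared return type admits `null`, and add a short doc comment saying `null` means "not found" so the OAuth2 layer rejects the request instead of dereferencing the result. The enclosing methods begin and end outside these hunks, so the signatures are only partly visible.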
diff --git a/src/modules/features/oauth2/adapter/client.adapter.ts b/src/modules/features/oauth2/adapter/client.adapter.ts index dfb2999..71f07ba 100644 --- a/src/modules/features/oauth2/adapter/client.adapter.ts +++ b/src/modules/features/oauth2/adapter/client.adapter.ts @@ -11,6 +11,11 @@ export class ClientAdapter implements OAuth2ClientAdapter { async fetchById(id: string): Promise { const find = await this._service.clientService.getById(id); + + if (!find) { + return null; + } + return { id: find.client_id, scope: this._service.splitScope(find.scope), diff --git a/src/modules/features/oauth2/adapter/code.adapter.ts b/src/modules/features/oauth2/adapter/code.adapter.ts index 6e4cf32..85401c0 100644 --- a/src/modules/features/oauth2/adapter/code.adapter.ts +++ b/src/modules/features/oauth2/adapter/code.adapter.ts @@ -43,6 +43,10 @@ export class CodeAdapter implements OAuth2CodeAdapter { OAuth2TokenType.CODE, ); + if (!find) { + return null; + } + return { ...find, code: find.token, diff --git a/src/modules/features/oauth2/adapter/refresh-token.adapter.ts b/src/modules/features/oauth2/adapter/refresh-token.adapter.ts index 2e67195..1c1d19e 100644 --- a/src/modules/features/oauth2/adapter/refresh-token.adapter.ts +++ b/src/modules/features/oauth2/adapter/refresh-token.adapter.ts @@ -47,6 +47,10 @@ export class RefreshTokenAdapter implements OAuth2RefreshTokenAdapter { OAuth2TokenType.REFRESH_TOKEN, ); + if (!find) { + return null; + } + return { ...find, client_id: find.client.client_id, diff --git a/src/modules/features/oauth2/adapter/user.adapter.ts b/src/modules/features/oauth2/adapter/user.adapter.ts index f540f8a..fcd259f 100644 --- a/src/modules/features/oauth2/adapter/user.adapter.ts +++ b/src/modules/features/oauth2/adapter/user.adapter.ts 
@@ -13,6 +13,11 @@ export class UserAdapter implements OAuth2UserAdapter { async fetchById(id: number): Promise { const find = await this._service.userService.getById(id); + + if (!find) { + return null; + } + return { id: find.id, username: find.username, @@ -22,6 +27,11 @@ export class UserAdapter implements OAuth2UserAdapter { async fetchByUsername(username: string): Promise { const find = await this._service.userService.getByUsername(username); + + if (!find) { + return null; + } + return { id: find.id, username: find.username, diff --git a/src/modules/features/settings/settings.controller.ts b/src/modules/features/settings/settings.controller.ts index 74efa10..99cf18b 100644 --- a/src/modules/features/settings/settings.controller.ts +++ b/src/modules/features/settings/settings.controller.ts @@ -89,31 +89,32 @@ export class SettingsController { @Req() req: Request, @UploadedFile() file: Express.Multer.File, ) { - if (!this._token.verifyCSRF(req)) { - throw new BadRequestException('Invalid session. Please try again.'); - } - - if (!file) { - throw new BadRequestException('Avatar upload failed'); - } - try { + if (!this._token.verifyCSRF(req)) { + throw new BadRequestException('Invalid session. Please try again.'); + } + + if (!file) { + throw new BadRequestException('Avatar upload failed'); + } + const matches = await this._upload.checkImageAspect(file); if (!matches) { throw new BadRequestException( 'Avatar should be with a 1:1 aspect ratio.', ); } + + const upload = await this._upload.registerUploadedFile(file, req.user); + await this._user.updateAvatar(req.user, upload); + + return { + file: upload.file, + }; } catch (e) { await unlink(file.path); throw e; } - - const upload = await this._upload.registerUploadedFile(file, req.user); - await this._user.updateAvatar(req.user, upload); - return { - file: upload.file, - }; } @Post('avatar/delete')
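Review bot: In the settings.controller.ts hunk, moving the `if (!file)` check inside the `try` means the `catch` now runs `await unlink(file.path)` with `file` undefined, so a failed upload surfaces as a TypeError (a 500) instead of the intended `BadRequestException('Avatar upload failed')`. Guard the cleanup, e.g. `if (file?.path) { await unlink(file.path).catch(() => undefined); }`, so that neither a missing file nor a failed unlink replaces the original error. If `registerUploadedFile` succeeds and `updateAvatar` then throws, the file is deleted while the upload record presumably remains; confirm whether that record needs to be rolled back as well. The handler's decorators and signature start above the hunk.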