fixes

src/fe/scss/_modal.scss

@@ -47,12 +47,14 @@
     align-items: center;
     justify-content: space-between;
     border-bottom: 1px solid var(--main-darker);
+    font-size: 1.5rem;
 
     &-button .btn {
       min-width: initial;
       font-weight: bold;
       font-size: 2rem;
       padding: 0 0.65rem;
+      text-decoration: none;
     }
   }
 }

src/main.ts

@@ -21,6 +21,11 @@ async function bootstrap() {
   // app.use(express.urlencoded());
   // app.use(cookieParser());
 
+  // Production servers have to be behind a proxy.
+  if (process.env.NODE_ENV === 'production') {
+    app.set('trust proxy');
+  }
+
   app.use(
     session({
       secret: process.env.SESSION_SECRET,

src/modules/features/oauth2/adapter/access-token.adapter.ts

@@ -52,6 +52,10 @@ export class AccessTokenAdapter implements OAuth2AccessTokenAdapter {
       OAuth2TokenType.ACCESS_TOKEN,
     );
 
+    if (!find) {
+      return null;
+    }
+
     return {
       ...find,
       client_id: find.client.client_id,

src/modules/features/oauth2/adapter/client.adapter.ts

@@ -11,6 +11,11 @@ export class ClientAdapter implements OAuth2ClientAdapter {
 
   async fetchById(id: string): Promise<OAuth2Client> {
     const find = await this._service.clientService.getById(id);
+
+    if (!find) {
+      return null;
+    }
+
     return {
       id: find.client_id,
       scope: this._service.splitScope(find.scope),

src/modules/features/oauth2/adapter/code.adapter.ts

@@ -43,6 +43,10 @@ export class CodeAdapter implements OAuth2CodeAdapter {
       OAuth2TokenType.CODE,
     );
 
+    if (!find) {
+      return null;
+    }
+
     return {
       ...find,
       code: find.token,

src/modules/features/oauth2/adapter/refresh-token.adapter.ts

@@ -47,6 +47,10 @@ export class RefreshTokenAdapter implements OAuth2RefreshTokenAdapter {
       OAuth2TokenType.REFRESH_TOKEN,
     );
 
+    if (!find) {
+      return null;
+    }
+
     return {
       ...find,
       client_id: find.client.client_id,

src/modules/features/oauth2/adapter/user.adapter.ts

@@ -13,6 +13,11 @@ export class UserAdapter implements OAuth2UserAdapter {
 
   async fetchById(id: number): Promise<OAuth2User> {
     const find = await this._service.userService.getById(id);
+
+    if (!find) {
+      return null;
+    }
+
     return {
       id: find.id,
       username: find.username,
@@ -22,6 +27,11 @@ export class UserAdapter implements OAuth2UserAdapter {
 
   async fetchByUsername(username: string): Promise<OAuth2User> {
     const find = await this._service.userService.getByUsername(username);
+
+    if (!find) {
+      return null;
+    }
+
     return {
       id: find.id,
       username: find.username,

src/modules/features/settings/settings.controller.ts

@@ -89,31 +89,32 @@ export class SettingsController {
     @Req() req: Request,
     @UploadedFile() file: Express.Multer.File,
   ) {
-    if (!this._token.verifyCSRF(req)) {
-      throw new BadRequestException('Invalid session. Please try again.');
-    }
-
-    if (!file) {
-      throw new BadRequestException('Avatar upload failed');
-    }
-
     try {
+      if (!this._token.verifyCSRF(req)) {
+        throw new BadRequestException('Invalid session. Please try again.');
+      }
+
+      if (!file) {
+        throw new BadRequestException('Avatar upload failed');
+      }
+
       const matches = await this._upload.checkImageAspect(file);
       if (!matches) {
         throw new BadRequestException(
           'Avatar should be with a 1:1 aspect ratio.',
         );
       }
+
+      const upload = await this._upload.registerUploadedFile(file, req.user);
+      await this._user.updateAvatar(req.user, upload);
+
+      return {
+        file: upload.file,
+      };
     } catch (e) {
       await unlink(file.path);
       throw e;
     }
-
-    const upload = await this._upload.registerUploadedFile(file, req.user);
-    await this._user.updateAvatar(req.user, upload);
-    return {
-      file: upload.file,
-    };
   }
 
   @Post('avatar/delete')