kittyteam/kittyBE
3
1
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 5 Wiki Activity

fix: check for JWT validity when attempting to decode it
All checks were successful
Update changelog / changelog (push) Successful in 26s
Details

Browse Source
This commit is contained in:
sherl
2026-01-27 12:52:21 +01:00
parent 5771a182fe
commit 6114416b8b
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/controllers/linkController.ts
View File

@@ -94,7 +94,10 @@ export async function createLinkHandler(
) { ) {
// Using locals to retrieve decoded user JWT. // Using locals to retrieve decoded user JWT.
const decodedUser: jwt.JwtDecoded | undefined = res.locals.user?.decoded; // jwt.JwtDecoded when JWT is supplied
// undefined if not
// null if is invalid (expired)
const decodedUser: jwt.JwtDecoded | undefined | null = res.locals.user?.decoded;
const linkService = new LinkService(); const linkService = new LinkService();
const subdomainsAllowed: boolean = env.getBool('useSubdomains', true)!; const subdomainsAllowed: boolean = env.getBool('useSubdomains', true)!;
const rewriteStrings: env.RewriteStrings = env.getRewriteStrings(); const rewriteStrings: env.RewriteStrings = env.getRewriteStrings();
@@ -114,7 +117,7 @@ export async function createLinkHandler(
} }
let user: User | null = null; let user: User | null = null;
if (decodedUser !== undefined) { if (decodedUser !== undefined && decodedUser !== null) {
// If user is logged in, retrieve the account. // If user is logged in, retrieve the account.
const userService = new UserService(); const userService = new UserService();
user = await userService.findById(decodedUser.sub); user = await userService.findById(decodedUser.sub);