4nk/lecoffre-back
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add mimetype check on file middleware

Browse Source
This commit is contained in:
OxSaitama 2023-10-06 13:32:43 +02:00
parent f36bf69624
commit bcf2e64b19
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/app/api/customer/FilesController.ts
View File

@ -88,10 +88,6 @@ export default class FilesController extends ApiController {
try { try {
//get file //get file
if (!req.file) throw new Error("No file provided"); if (!req.file) throw new Error("No file provided");
if (req.file.mimetype !== "application/pdf" && req.file.mimetype !== "image/png" && req.file.mimetype !== "image/jpeg") {
this.httpBadRequest(response, "File type not supported");
return;
}
//init File resource with request body values //init File resource with request body values
const fileEntity = File.hydrate<File>(JSON.parse(req.body["q"])); const fileEntity = File.hydrate<File>(JSON.parse(req.body["q"]));

5
src/app/middlewares/CustomerHandler/FileHandler.ts
View File

@ -9,6 +9,11 @@ export default async function fileHandler(req: Request, response: Response, next
const uid = req.path && req.path.split("/")[5]; const uid = req.path && req.path.split("/")[5];
const document = req.body.document; const document = req.body.document;
if (req.file?.mimetype !== "application/pdf" && req.file?.mimetype !== "image/png" && req.file?.mimetype !== "image/jpeg") {
response.status(HttpCodes.BAD_REQUEST).send("File type not supported");
return;
}
if (uid) { if (uid) {
const fileService = Container.get(FilesService); const fileService = Container.get(FilesService);
const file = await fileService.getByUidWithDocument(uid); const file = await fileService.getByUidWithDocument(uid);