diff --git a/packages/api/src/utils/createTask.ts b/packages/api/src/utils/createTask.ts index 17dae7831..d6d9f12e5 100644 --- a/packages/api/src/utils/createTask.ts +++ b/packages/api/src/utils/createTask.ts @@ -511,8 +511,8 @@ export const enqueueThumbnailTask = async ( content, } - const requestHeaders = { - Authorization: generateVerificationToken(userId), + const headers = { + Cookie: `auth=${generateVerificationToken(userId)}`, } // If there is no Google Cloud Project Id exposed, it means that we are in local environment @@ -521,7 +521,7 @@ export const enqueueThumbnailTask = async ( setTimeout(() => { axios .post(env.queue.thumbnailTaskHandlerUrl, payload, { - headers: requestHeaders, + headers, }) .catch((error) => { console.error(error) @@ -533,7 +533,7 @@ export const enqueueThumbnailTask = async ( const createdTasks = await createHttpTaskWithToken({ payload, taskHandlerUrl: env.queue.thumbnailTaskHandlerUrl, - requestHeaders, + requestHeaders: headers, }) if (!createdTasks || !createdTasks[0].name) { diff --git a/packages/thumbnail-handler/src/index.ts b/packages/thumbnail-handler/src/index.ts index 41e6ab640..9cd79d7f6 100644 --- a/packages/thumbnail-handler/src/index.ts +++ b/packages/thumbnail-handler/src/index.ts @@ -228,14 +228,24 @@ export const findThumbnail = async ( export const thumbnailHandler = Sentry.GCPFunction.wrapHttpFunction( async (req, res) => { - const token = req.headers?.authorization + if (!process.env.JWT_SECRET) { + console.error('JWT_SECRET not exists') + return res.status(500).send('JWT_SECRET_NOT_EXISTS') + } + + const token = req.headers.cookie?.split('auth=')[1] if (!token) { console.debug('no token') return res.status(401).send('UNAUTHORIZED') } - const { uid } = jwt.decode(token) as { uid: string } - if (!uid) { - console.debug('no uid') + let uid = '' + try { + const decoded = jwt.verify(token, process.env.JWT_SECRET) as { + uid: string + } + uid = decoded.uid + } catch (e) { + console.debug(e) return res.status(401).send('UNAUTHORIZED') }