fix: add auth header to public image upload (#2496)

- The public file upload route requires auth to allow teamEditors to upload images
theopensystemslab · Nov 29, 2023 · ddd9ca4 · ddd9ca4
1 parent a572587
commit ddd9ca4
Showing 1 changed file with 11 additions and 2 deletions.
diff --git a/editor.planx.uk/src/api/upload.ts b/editor.planx.uk/src/api/upload.ts
@@ -1,4 +1,5 @@
-import axios from "axios";
+import axios, { RawAxiosRequestHeaders } from "axios";
+import { getCookie } from "lib/cookie";
 
 export { uploadPrivateFile, uploadPublicFile };
 
@@ -8,7 +9,13 @@ async function uploadPublicFile(
   file: any,
   { onProgress }: { onProgress?: (p: any) => void } = {},
 ) {
-  const { data } = await handleUpload(file, { onProgress, path: "public" });
+  const token = getCookie("jwt");
+  const authRequestHeader = { Authorization: `Bearer ${token}` };
+  const { data } = await handleUpload(
+    file,
+    { onProgress, path: "public" },
+    authRequestHeader,
+  );
 
   return data.fileUrl;
 }
@@ -28,6 +35,7 @@ function handleUpload(
     onProgress,
     path: path,
   }: { onProgress?: (p: any) => void; path: "public" | "private" },
+  authHeader?: RawAxiosRequestHeaders,
 ) {
   const formData = new FormData();
 
@@ -45,6 +53,7 @@ function handleUpload(
   return axios.post(endpoint, formData, {
     headers: {
       "Content-Type": "multipart/form-data",
+      ...(authHeader && authHeader),
     },
     onUploadProgress: ({ loaded, total }) => {
       if (onProgress && total) {