From a534e38c92d6c1ed2fd091c93d495f21ab3fb5c9 Mon Sep 17 00:00:00 2001
From: Jose Celano <josecelano@gmail.com>
Date: Mon, 3 Jul 2023 11:58:33 +0100
Subject: [PATCH] fix: [#230] make sure user exist in upload torrent endpoint

We get the user ID from the Json Web Token, but that does not mean the user actually exists. The session could be valid, but the user could have been removed from the database.
---
 src/services/torrent.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/services/torrent.rs b/src/services/torrent.rs
index c56dc9a3..5d12e119 100644
--- a/src/services/torrent.rs
+++ b/src/services/torrent.rs
@@ -99,6 +99,8 @@ impl Index {
     /// * Unable to insert the torrent into the database.
     /// * Unable to add the torrent to the whitelist.
     pub async fn add_torrent(&self, mut torrent_request: AddTorrentRequest, user_id: UserId) -> Result<TorrentId, ServiceError> {
+        let _user = self.user_repository.get_compact(&user_id).await?;
+
         torrent_request.torrent.set_announce_urls(&self.configuration).await;
 
         let category = self