Don't guard images behing auth

You can't just add headers to clientside image requests without basically manually fetching and drawing it to a canvas, and the UUIDs are random enough that they won't be brute forced. So, for vastly more simple client code, remove the auth guard.

Don't guard images behing auth
8d28e882 · Adrian Paschkowski · d5db3438 · 8d28e882
Verified Commit 8d28e882 authored 3 years ago by Adrian Paschkowski
--- a/src/images.controller.ts
+++ b/src/images.controller.ts
-import {
-    Controller,
-    Get,
-    Header,
-    HttpCode,
-    Param,
-    Res,
-    UseGuards,
-} from '@nestjs/common';
+import { Controller, Get, Param, Res } from '@nestjs/common';
 import { Response } from 'express';
 import { join } from 'path';
-import { WebAuthGuard } from './auth/web-auth.guard';

 @Controller('images')
-@UseGuards(WebAuthGuard)
 export class ImageController {
    @Get(':id')
    public image(@Param('id') id: string, @Res() res: Response) {
-        res.sendFile(join(process.cwd(), 'photos', `${id}.jpg`));
+        res.sendFile(
+            join(process.cwd(), 'photos', `${id.replace(/\.jpg$/, '')}.jpg`),
+        );
    }
 }