global: add null safety checks

Notesnook.API/Controllers/AnnouncementController.cs

@@ -57,7 +57,7 @@ namespace Notesnook.API.Controllers
                     if (item.Type != "callToActions") continue;
                     foreach (var action in item.Actions)
                     {
-                        if (action.Type != "link") continue;
+                        if (action.Type != "link" || action.Data == null) continue;
 
                         action.Data = action.Data.Replace("{{UserId}}", userId ?? "0");
                     }

Notesnook.API/Controllers/InboxController.cs

@@ -47,7 +47,7 @@ namespace Notesnook.API.Controllers
         [Authorize(Policy = "Notesnook")]
         public async Task<IActionResult> GetApiKeysAsync()
         {
-            var userId = User.FindFirstValue("sub");
+            var userId = User.GetUserId();
             try
             {
                 var apiKeys = await inboxApiKeysRepository.FindAsync(t => t.UserId == userId);
@@ -64,7 +64,7 @@ namespace Notesnook.API.Controllers
         [Authorize(Policy = "Notesnook")]
         public async Task<IActionResult> CreateApiKeyAsync([FromBody] InboxApiKey request)
         {
-            var userId = User.FindFirstValue("sub");
+            var userId = User.GetUserId();
             try
             {
                 if (string.IsNullOrWhiteSpace(request.Name))
@@ -104,7 +104,7 @@ namespace Notesnook.API.Controllers
         [Authorize(Policy = "Notesnook")]
         public async Task<IActionResult> DeleteApiKeyAsync(string apiKey)
         {
-            var userId = User.FindFirstValue("sub");
+            var userId = User.GetUserId();
             try
             {
                 if (string.IsNullOrWhiteSpace(apiKey))
@@ -126,7 +126,7 @@ namespace Notesnook.API.Controllers
         [Authorize(Policy = InboxApiKeyAuthenticationDefaults.AuthenticationScheme)]
         public async Task<IActionResult> GetPublicKeyAsync()
         {
-            var userId = User.FindFirstValue("sub");
+            var userId = User.GetUserId();
             try
             {
                 var userSetting = await userSettingsRepository.FindOneAsync(u => u.UserId == userId);
@@ -147,7 +147,7 @@ namespace Notesnook.API.Controllers
         [Authorize(Policy = InboxApiKeyAuthenticationDefaults.AuthenticationScheme)]
         public async Task<IActionResult> CreateInboxItemAsync([FromBody] InboxSyncItem request)
         {
-            var userId = User.FindFirstValue("sub");
+            var userId = User.GetUserId();
             try
             {
                 if (request.Key.Algorithm != Algorithms.XSAL_X25519_7)

Notesnook.API/Controllers/MonographsController.cs

@@ -98,9 +98,8 @@ namespace Notesnook.API.Controllers
         {
             try
             {
-                var userId = this.User.FindFirstValue("sub");
+                var userId = this.User.GetUserId();
                 var jti = this.User.FindFirstValue("jti");
-                if (userId == null) return Unauthorized();
 
                 var existingMonograph = await FindMonographAsync(userId, monograph);
                 if (existingMonograph != null && !existingMonograph.Deleted) return await UpdateAsync(deviceId, monograph);
@@ -144,9 +143,8 @@ namespace Notesnook.API.Controllers
         {
             try
             {
-                var userId = this.User.FindFirstValue("sub");
+                var userId = this.User.GetUserId();
                 var jti = this.User.FindFirstValue("jti");
-                if (userId == null) return Unauthorized();
 
                 var existingMonograph = await FindMonographAsync(userId, monograph);
                 if (existingMonograph == null || existingMonograph.Deleted)
@@ -193,8 +191,7 @@ namespace Notesnook.API.Controllers
         [HttpGet]
         public async Task<IActionResult> GetUserMonographsAsync()
         {
-            var userId = this.User.FindFirstValue("sub");
-            if (userId == null) return Unauthorized();
+            var userId = this.User.GetUserId();
 
             var userMonographs = (await monographs.Collection.FindAsync(
                     Builders<Monograph>.Filter.And(
@@ -257,8 +254,7 @@ namespace Notesnook.API.Controllers
         [HttpDelete("{id}")]
         public async Task<IActionResult> DeleteAsync([FromQuery] string? deviceId, [FromRoute] string id)
         {
-            var userId = this.User.FindFirstValue("sub");
-            if (userId is null) return Unauthorized();
+            var userId = this.User.GetUserId();
 
             var monograph = await FindMonographAsync(id);
             if (monograph == null || monograph.Deleted)
@@ -310,12 +306,13 @@ namespace Notesnook.API.Controllers
             });
         }
 
-        private async Task<string> CleanupContentAsync(ClaimsPrincipal user, string content)
+        private async Task<string> CleanupContentAsync(ClaimsPrincipal user, string? content)
         {
+            if (string.IsNullOrEmpty(content)) return string.Empty;
             if (Constants.IS_SELF_HOSTED) return content;
             try
             {
-                var json = JsonSerializer.Deserialize<MonographContent>(content);
+                var json = JsonSerializer.Deserialize<MonographContent>(content) ?? throw new Exception("Invalid monograph content.");
                 var html = json.Data;
 
                 if (user.IsUserSubscribed())

Notesnook.API/Controllers/SyncDeviceController.cs

@@ -44,7 +44,7 @@ namespace Notesnook.API.Controllers
         {
             try
             {
-                var userId = this.User.FindFirstValue("sub") ?? throw new Exception("User not found.");
+                var userId = this.User.GetUserId();
                 new SyncDeviceService(new SyncDevice(userId, deviceId)).RegisterDevice();
                 return Ok();
             }
@@ -61,7 +61,7 @@ namespace Notesnook.API.Controllers
         {
             try
             {
-                var userId = this.User.FindFirstValue("sub") ?? throw new Exception("User not found.");
+                var userId = this.User.GetUserId();
                 new SyncDeviceService(new SyncDevice(userId, deviceId)).UnregisterDevice();
                 return Ok();
             }

Notesnook.API/Controllers/UsersController.cs

@@ -55,7 +55,7 @@ namespace Notesnook.API.Controllers
         [HttpGet]
         public async Task<IActionResult> GetUser()
         {
-            var userId = User.FindFirstValue("sub");
+            var userId = User.GetUserId();
             try
             {
                 UserResponse response = await UserService.GetUserAsync(userId);
@@ -72,7 +72,7 @@ namespace Notesnook.API.Controllers
         [HttpPatch]
         public async Task<IActionResult> UpdateUser([FromBody] UserKeys keys)
         {
-            var userId = User.FindFirstValue("sub");
+            var userId = User.GetUserId();
             try
             {
                 await UserService.SetUserKeysAsync(userId, keys);
@@ -88,7 +88,7 @@ namespace Notesnook.API.Controllers
         [HttpPost("reset")]
         public async Task<IActionResult> Reset([FromForm] bool removeAttachments)
         {
-            var userId = this.User.FindFirstValue("sub");
+            var userId = this.User.GetUserId();
 
             if (await UserService.ResetUserAsync(userId, removeAttachments))
                 return Ok();
@@ -99,7 +99,7 @@ namespace Notesnook.API.Controllers
         [RequestTimeout(5 * 60 * 1000)]
         public async Task<IActionResult> Delete([FromForm] DeleteAccountForm form)
         {
-            var userId = this.User.FindFirstValue("sub");
+            var userId = this.User.GetUserId();
             var jti = User.FindFirstValue("jti");
             try
             {