allow rate limiter to work on api router where session does not exist

2026-05-25 18:20:09 +02:00 · 2016-02-02 12:31:54 +00:00
parent a05a7b984f
commit 6cd66c7304
1 changed files with 1 additions and 1 deletions
--- a/services/web/app/coffee/Features/Security/RateLimiterMiddlewear.coffee
+++ b/services/web/app/coffee/Features/Security/RateLimiterMiddlewear.coffee
@@ -15,7 +15,7 @@ module.exports = RateLimiterMiddlewear =
 	###
 	rateLimit: (opts) ->
 		return (req, res, next) ->
-			if req.session.user?
+			if req.session?.user?
 				user_id = req.session.user._id
 			else
 				user_id = req.ip