From 9c8840d4cddb7c182a9cde8f8d9a4dc431e86eaa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?=
 <barisusakli@gmail.com>
Date: Mon, 19 May 2025 11:09:15 -0400
Subject: [PATCH] fix: crash #425 req.body can be undefined

---
 routes/v2/middleware.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/routes/v2/middleware.js b/routes/v2/middleware.js
index dc20592..1bde0d6 100644
--- a/routes/v2/middleware.js
+++ b/routes/v2/middleware.js
@@ -37,7 +37,9 @@ const passportAuthenticateAsync = function (req, res) {
 
 Middleware.requireUser = async function (req, res, next) {
 	var writeApi = require.main.require('nodebb-plugin-write-api');
-	var token = (writeApi.settings['jwt:payloadKey'] ? (req.query[writeApi.settings['jwt:payloadKey']] || req.body[writeApi.settings['jwt:payloadKey']]) : null) || req.query.token || req.body.token;
+	const query = req.query || {};
+	const body = req.body || {};
+	var token = (writeApi.settings['jwt:payloadKey'] ? (query[writeApi.settings['jwt:payloadKey']] || body[writeApi.settings['jwt:payloadKey']]) : null) || query.token || body.token;
 	const loginAsync = util.promisify(req.login).bind(req);
 	var routeMatch;