mirror
/
rogueserver
mirror of https://github.com/pagefaultgames/rogueserver
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add token length check to account info handler

Browse Source
pull/1/head
maru 11 months ago
parent b1e67634df
commit be62fc939a
No known key found for this signature in database
GPG Key ID: 37689350E9CD0F0D
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File

5
api/account.go
Unescape Escape View File

@ -41,6 +41,11 @@ func (s *Server) HandleAccountInfo(w http.ResponseWriter, r *http.Request) {
return
}
if len(token) != 32 {
http.Error(w, "invalid token", http.StatusBadRequest)
return
}
username, err := db.GetUsernameFromToken(token)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)

Write Preview
Loading…
Cancel
Save