Add token length check to account info handler

pull/1/head
maru 1 year ago
parent b1e67634df
commit be62fc939a
No known key found for this signature in database
GPG Key ID: 37689350E9CD0F0D

@ -41,6 +41,11 @@ func (s *Server) HandleAccountInfo(w http.ResponseWriter, r *http.Request) {
return return
} }
if len(token) != 32 {
http.Error(w, "invalid token", http.StatusBadRequest)
return
}
username, err := db.GetUsernameFromToken(token) username, err := db.GetUsernameFromToken(token)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest) http.Error(w, err.Error(), http.StatusBadRequest)

Loading…
Cancel
Save