diff options
Diffstat (limited to 'src/api/endpoints/auth/session')
| -rw-r--r-- | src/api/endpoints/auth/session/generate.ts (renamed from src/api/endpoints/auth/session/generate.js) | 7 | ||||
| -rw-r--r-- | src/api/endpoints/auth/session/show.ts (renamed from src/api/endpoints/auth/session/show.js) | 7 | ||||
| -rw-r--r-- | src/api/endpoints/auth/session/userkey.ts (renamed from src/api/endpoints/auth/session/userkey.js) | 13 |
3 files changed, 11 insertions, 16 deletions
diff --git a/src/api/endpoints/auth/session/generate.js b/src/api/endpoints/auth/session/generate.ts index cf75b83e2d..6e730123c1 100644 --- a/src/api/endpoints/auth/session/generate.js +++ b/src/api/endpoints/auth/session/generate.ts @@ -4,6 +4,7 @@ * Module dependencies */ import * as uuid from 'uuid'; +import it from '../../../it'; import App from '../../../models/app'; import AuthSess from '../../../models/auth-session'; import config from '../../../../conf'; @@ -49,10 +50,8 @@ module.exports = (params) => new Promise(async (res, rej) => { // Get 'app_secret' parameter - const appSecret = params.app_secret; - if (appSecret == null) { - return rej('app_secret is required'); - } + const [appSecret, appSecretErr] = it(params.app_secret).expect.string().required().qed(); + if (appSecretErr) return rej('invalid app_secret param'); // Lookup app const app = await App.findOne({ diff --git a/src/api/endpoints/auth/session/show.js b/src/api/endpoints/auth/session/show.ts index 425c980d9d..55641929d8 100644 --- a/src/api/endpoints/auth/session/show.js +++ b/src/api/endpoints/auth/session/show.ts @@ -3,6 +3,7 @@ /** * Module dependencies */ +import it from '../../../it'; import AuthSess from '../../../models/auth-session'; import serialize from '../../../serializers/auth-session'; @@ -57,10 +58,8 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'token' parameter - const token = params.token; - if (token == null) { - return rej('token is required'); - } + const [token, tokenErr] = it(params.token).expect.string().required().qed(); + if (tokenErr) return rej('invalid token param'); // Lookup session const session = await AuthSess.findOne({ diff --git a/src/api/endpoints/auth/session/userkey.js b/src/api/endpoints/auth/session/userkey.ts index 2c34304a5e..fdb8c26d4e 100644 --- a/src/api/endpoints/auth/session/userkey.js +++ b/src/api/endpoints/auth/session/userkey.ts @@ -3,6 +3,7 @@ /** * Module dependencies */ +import it from '../../../it'; import App from '../../../models/app'; import AuthSess from '../../../models/auth-session'; import AccessToken from '../../../models/access-token'; @@ -53,10 +54,8 @@ import serialize from '../../../serializers/user'; module.exports = (params) => new Promise(async (res, rej) => { // Get 'app_secret' parameter - const appSecret = params.app_secret; - if (appSecret == null) { - return rej('app_secret is required'); - } + const [appSecret, appSecretErr] = it(params.app_secret).expect.string().required().qed(); + if (appSecretErr) return rej('invalid app_secret param'); // Lookup app const app = await App.findOne({ @@ -68,10 +67,8 @@ module.exports = (params) => } // Get 'token' parameter - const token = params.token; - if (token == null) { - return rej('token is required'); - } + const [token, tokenErr] = it(params.token).expect.string().required().qed(); + if (tokenErr) return rej('invalid token param'); // Fetch token const session = await AuthSess |