From abfb36bcdb25ba11bda9892ec473970fc29506bb Mon Sep 17 00:00:00 2001
From: syuilo
Date: Wed, 22 Feb 2017 19:39:34 +0900
Subject: Fix bug
---
 src/api/private/signin.ts | 10 ++++++++++
 src/api/private/signup.ts | 4 ++--
 2 files changed, 12 insertions(+), 2 deletions(-)
(limited to 'src/api/private')
diff --git a/src/api/private/signin.ts b/src/api/private/signin.ts
index 14dd1c7058..fe3b5f7084 100644
--- a/src/api/private/signin.ts
+++ b/src/api/private/signin.ts
@@ -12,6 +12,16 @@ export default async (req: express.Request, res: express.Response) => {
 const username = req.body['username'];
 const password = req.body['password'];
+ if (typeof username != 'string') {
+ res.sendStatus(400);
+ return;
+ }
+
+ if (typeof password != 'string') {
+ res.sendStatus(400);
+ return;
+ }
+
 // Fetch user
 const user = await User.findOne({
 username_lower: username.toLowerCase()
diff --git a/src/api/private/signup.ts b/src/api/private/signup.ts
index 73e04f8b37..bd2a7ef02a 100644
--- a/src/api/private/signup.ts
+++ b/src/api/private/signup.ts
@@ -3,7 +3,7 @@ import * as bcrypt from 'bcryptjs';
 import rndstr from 'rndstr';
 import recaptcha = require('recaptcha-promise');
 import User from '../models/user';
-import { validateUsername } from '../models/user';
+import { validateUsername, validatePassword } from '../models/user';
 import serialize from '../serializers/user';
 import config from '../../conf';
@@ -34,7 +34,7 @@ export default async (req: express.Request, res: express.Response) => {
 }
 // Validate password
- if (password == '') {
+ if (!validatePassword(password)) {
 res.sendStatus(400);
 return;
 }
--
cgit v1.2.3-freya
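Review bot: The two new guards in signin.ts are the only thing between a non-string `username`/`password` and the `username.toLowerCase()` call in the lookup that follows, yet nothing in the hunk says why they exist, and they compare with loose `!=`. I would fold them into one strict check, `if (typeof username !== 'string' || typeof password !== 'string') { res.sendStatus(400); return; }`, with a comment such as `// req.body fields may arrive as arrays or objects depending on the body parser; accept plain strings only`. Without the guard a non-string value makes `.toLowerCase()` throw inside this async handler, and how that rejection is handled is not visible here. The handler body continues past the end of the hunk, so the password comparison itself is not shown.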
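Review bot: In signup.ts the password check now depends entirely on `validatePassword`, whose body lives in `../models/user` and is not part of this diff, so it is not visible whether it rejects non-string values the way the explicit `typeof` guards added to signin.ts do. If it only tests for emptiness or length, an array or object from `req.body` could pass and reach the hashing step; either write `if (typeof password !== 'string' || !validatePassword(password)) {` here or document the type check on the validator. An upper length bound is also worth confirming there, since bcrypt only uses the first 72 bytes of its input. The enclosing handler starts and ends outside the hunk.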