Input validation
parent
a79fb707d7
commit
9824c6a945
13
main.go
13
main.go
|
@ -84,6 +84,11 @@ func AuthMiddleware(next httprouter.Handle) httprouter.Handle {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if client.UserId == "" || client.ClientId == "" {
|
||||||
|
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
context := context.WithValue(r.Context(), "user", client.UserId)
|
context := context.WithValue(r.Context(), "user", client.UserId)
|
||||||
next(w, r.WithContext(context), p)
|
next(w, r.WithContext(context), p)
|
||||||
}
|
}
|
||||||
|
@ -93,6 +98,10 @@ func PermissionMiddleware(next httprouter.Handle) httprouter.Handle {
|
||||||
return func (w http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
return func (w http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
||||||
userID := r.Context().Value("user").(string)
|
userID := r.Context().Value("user").(string)
|
||||||
conversationID := p.ByName("key")
|
conversationID := p.ByName("key")
|
||||||
|
if conversationID == "" {
|
||||||
|
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
response, err := http.Get(permissionsHost + "/user/" + userID + "/conversation/" + conversationID)
|
response, err := http.Get(permissionsHost + "/user/" + userID + "/conversation/" + conversationID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -179,6 +188,10 @@ type BitesList struct {
|
||||||
func ScanStore(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
func ScanStore(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
||||||
// Get params
|
// Get params
|
||||||
storeType := p.ByName("type")
|
storeType := p.ByName("type")
|
||||||
|
if storeType == "" {
|
||||||
|
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
key := p.ByName("key")
|
key := p.ByName("key")
|
||||||
|
|
||||||
// Get querystring values
|
// Get querystring values
|
||||||
|
|
Loading…
Reference in New Issue