code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

fix auth token length

Browse Source
This commit is contained in:
Mystikfluu 2023-02-15 20:08:17 +01:00
parent 1519e541b8
commit 580f909667
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
routes/api/all.js
View File

@ -32,7 +32,7 @@ export const setup = function (router, con, server) {
typeof req.body.auth.appid !== "number" ||
typeof req.body.auth.auth_token !== "string" ||
req.body.auth.secret.length !== 200 ||
req.body.auth.auth_token.length !== 100 ||
req.body.auth.auth_token.length !== 200 ||
Buffer.from(req.body.auth.secret,"base64").length !== 150
) {
res.status(420).send("invalid authentication object")
@ -40,7 +40,7 @@ export const setup = function (router, con, server) {
} else {
//secret : string(200 chars)
//appid : number
//auth_token: string(100 chars)
//auth_token: string(200 chars)
let sql = "select User_ID,User_Name,User_Bio,User_Avatar,User_Settings from ipost.auth_tokens inner join ipost.application on auth_token_isfrom_application_id=application_id inner join ipost.users on auth_token_u_id=User_ID where auth_token=? and application_secret=? and application_id=?"
con.query(sql,[SHA256(req.body.auth.auth_token,req.body.auth.appid, HASHES_DB),SHA256(req.body.auth.secret,req.body.auth.appid, HASHES_DB),req.body.auth.appid],(err,result) => {
if(err) throw err;