From 86f747d76a23baa8f10d739eff928949c5ee9313 Mon Sep 17 00:00:00 2001 From: Mystikfluu Date: Sat, 4 Feb 2023 13:34:48 +0100 Subject: [PATCH] better edge-case handling --- routes/api/all.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/routes/api/all.js b/routes/api/all.js index 942ccbb..1d2cf8a 100644 --- a/routes/api/all.js +++ b/routes/api/all.js @@ -12,6 +12,13 @@ export const setup = function (router, con, server) { let unsigned; if (req.body.user == undefined || req.body.pass == undefined) { if(req.body.auth != undefined) { + if(typeof req.body.auth === "string") { + try{ + req.body.auth = JSON.parse(req.body.auth) + } catch(err) { + console.log("error parsing",err) + } + } if( typeof req.body.auth !== "object" || typeof req.body.auth.secret !== "string" || @@ -27,7 +34,7 @@ export const setup = function (router, con, server) { //secret : string(200 chars) //appid : number //auth_token: string(100 chars) - let sql = "select User_ID,User_Name,User_Bio,User_Avatar,User_Settings from auth_tokens inner join application on auth_token_isfrom_application_id=application_id inner join users on auth_token_u_id=User_ID where auth_token=? and application_secret=? and application_id=?" + let sql = "select User_ID,User_Name,User_Bio,User_Avatar,User_Settings from ipost.auth_tokens inner join ipost.application on auth_token_isfrom_application_id=application_id inner join ipost.users on auth_token_u_id=User_ID where auth_token=? and application_secret=? and application_id=?" con.query(sql,[SHA256(req.body.auth.auth_token,req.body.auth.appid, HASHES_DB),SHA256(req.body.auth.secret,req.body.auth.appid, HASHES_DB),req.body.auth.appid],(err,result) => { if(err) throw err;