natty
/
calckey
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make secure check

This commit is contained in:
cutestnekoaqua 2023-02-11 01:07:44 +01:00
parent 817c1d2e4b
commit a6fdb28560
No known key found for this signature in database
GPG Key ID: 6BF0964A5069C1E0
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
packages/backend/src/server/index.ts
View File

@ -151,11 +151,14 @@ mastoRouter.post("/oauth/token", async (ctx) => {
const BASE_URL = `${ctx.request.protocol}://${ctx.request.hostname}`;
const generator = (megalodon as any).default;
const client = generator("misskey", BASE_URL, null) as MegalodonInterface;
const m = body.code.match(/^[a-zA-Z0-9-]+/);
let m = null;
if (body.code) {
m = body.code.match(/^[a-zA-Z0-9-]+/);
if (!m.length) {
ctx.body = { error: "Invalid code" };
return;
}
}
try {
const atData = await client.fetchAccessToken(
null,