Skip to content

Commit

Permalink
Fix
Browse files Browse the repository at this point in the history
  • Loading branch information
@bonustrack
bonustrack committed Jul 18, 2020
1 parent bd9ad48 commit 7c80c5f
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions server/api.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ router.post('/message', async (req, res) => {
!body.address ||
!body.msg ||
!body.sig ||
Object.keys(msg).length !== 4 ||
Object.keys(msg).length !== 5 ||
!msg.version ||
!msg.token ||
!msg.type ||
Expand All @@ -61,14 +61,17 @@ router.post('/message', async (req, res) => {
!msg.payload.body ||
msg.payload.body.length > 10240 ||
!msg.payload.choices ||
msg.payload.choices.length < 2
msg.payload.choices.length < 2 ||
!msg.payload.startBlock ||
currentBlockNumber > msg.payload.startBlock ||
!msg.payload.endBlock ||
msg.payload.startBlock >= msg.payload.endBlock
) ||
msg.type === 'vote' && (
Object.keys(msg.payload).length !== 2 ||
!msg.payload.proposal ||
!msg.payload.choice
) ||
!await verify(body.address, body.msg, body.sig)
)
) {
console.log('unauthorized', body);
return res.status(500).json({ error: 'unauthorized' });
Expand Down

0 comments on commit 7c80c5f

Please sign in to comment.