summaryrefslogtreecommitdiff
path: root/lib/Travelynx/Controller/Api.pm
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2019-12-20 16:39:15 +0100
committerDaniel Friesel <derf@finalrewind.org>2019-12-20 16:39:15 +0100
commit11a2e94a04bf451a1b8411daa18d8f340a12a9c6 (patch)
treeb40d486171bc87a10216d2eb089629a062a68ea5 /lib/Travelynx/Controller/Api.pm
parentbd372d57e2f9dfd8ba651e19f6adfa69ceda9c09 (diff)
travel API: more helpful errors on invalid input
Diffstat (limited to 'lib/Travelynx/Controller/Api.pm')
-rwxr-xr-xlib/Travelynx/Controller/Api.pm39
1 files changed, 35 insertions, 4 deletions
diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm
index f0fa5db..f95caa3 100755
--- a/lib/Travelynx/Controller/Api.pm
+++ b/lib/Travelynx/Controller/Api.pm
@@ -221,7 +221,7 @@ sub travel_v1 {
}
my $token = $self->get_api_token($uid);
- if ( $api_token ne $token->{'travel'} ) {
+ if ( not $token->{'travel'} or $api_token ne $token->{'travel'} ) {
$self->render(
json => {
success => \0,
@@ -240,6 +240,7 @@ sub travel_v1 {
success => \0,
deprecated => \0,
error => 'Missing or invalid action',
+ status => $self->get_user_status_json_v1($uid)
},
);
return;
@@ -250,6 +251,25 @@ sub travel_v1 {
my $to_station = sanitize( q{}, $payload->{toStation} );
my $train_id;
+ if (
+ not(
+ $from_station
+ and ( ( $payload->{train}{type} and $payload->{train}{no} )
+ or $payload->{train}{id} )
+ )
+ )
+ {
+ $self->render(
+ json => {
+ success => \0,
+ deprecated => \0,
+ error => 'Missing fromStation or train data',
+ status => $self->get_user_status_json_v1($uid)
+ },
+ );
+ return;
+ }
+
if ( exists $payload->{train}{id} ) {
$train_id = sanitize( 0, $payload->{train}{id} );
}
@@ -277,9 +297,8 @@ sub travel_v1 {
json => {
success => \0,
deprecated => \0,
- error => 'Fehler am Abfahrtsbahnhof: '
- . $status->{errstr},
- status => $self->get_user_status_json_v1($uid)
+ error => 'Zug nicht gefunden',
+ status => $self->get_user_status_json_v1($uid)
}
);
return;
@@ -319,6 +338,18 @@ sub travel_v1 {
elsif ( $payload->{action} eq 'checkout' ) {
my $to_station = sanitize( q{}, $payload->{toStation} );
+ if ( not $to_station ) {
+ $self->render(
+ json => {
+ success => \0,
+ deprecated => \0,
+ error => 'Missing toStation',
+ status => $self->get_user_status_json_v1($uid)
+ },
+ );
+ return;
+ }
+
if ( $payload->{comment} ) {
$self->update_in_transit_comment(
sanitize( q{}, $payload->{comment} ), $uid );