summaryrefslogtreecommitdiff
path: root/lib/Travelynx/Controller
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2019-12-17 20:41:36 +0100
committerDaniel Friesel <derf@finalrewind.org>2019-12-17 20:41:36 +0100
commitc8695ecb1cfd72c8f9e1fa51dbade9a588f127e5 (patch)
treea7d9f84f1648a12031056b2b031243eb2946bbba /lib/Travelynx/Controller
parent934a9ac21a2747db10840a94aa3ed095063021d2 (diff)
travel, import API: Verify that payload is a hash
Diffstat (limited to 'lib/Travelynx/Controller')
-rwxr-xr-xlib/Travelynx/Controller/Api.pm30
1 files changed, 26 insertions, 4 deletions
diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm
index 834317c..42e4774 100755
--- a/lib/Travelynx/Controller/Api.pm
+++ b/lib/Travelynx/Controller/Api.pm
@@ -169,14 +169,25 @@ sub get_v1 {
sub travel_v1 {
my ($self) = @_;
- my $payload = $self->req->json;
+ my $payload = $self->req->json;
+
+ if ( not $payload or ref($payload) ne 'HASH' ) {
+ $self->render(
+ json => {
+ success => \0,
+ error => 'Malformed JSON',
+ },
+ );
+ return;
+ }
+
my $api_token = $payload->{token} // '';
if ( $api_token !~ qr{ ^ (?<id> \d+ ) - (?<token> .* ) $ }x ) {
$self->render(
json => {
success => \0,
- error => 'Malformed JSON or malformed token',
+ error => 'Malformed token',
},
);
return;
@@ -338,14 +349,25 @@ sub travel_v1 {
sub import_v1 {
my ($self) = @_;
- my $payload = $self->req->json;
+ my $payload = $self->req->json;
+
+ if ( not $payload or ref($payload) ne 'HASH' ) {
+ $self->render(
+ json => {
+ success => \0,
+ error => 'Malformed JSON',
+ },
+ );
+ return;
+ }
+
my $api_token = $payload->{token} // '';
if ( $api_token !~ qr{ ^ (?<id> \d+ ) - (?<token> .* ) $ }x ) {
$self->render(
json => {
success => \0,
- error => 'Malformed JSON or malformed token',
+ error => 'Malformed token',
},
);
return;