Skip to content

Commit

Permalink
Fix possible SQL injection
Browse files Browse the repository at this point in the history
  • Loading branch information
@aidenprice
aidenprice committed Dec 15, 2023
1 parent ff64b44 commit 0c98f55
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions querybook/server/app/auth/auth0_auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,9 +115,8 @@ def _parse_user_profile(self, resp):

@with_session
def login_user(self, username, email, fullname, session=None):
if not username:
raise AuthenticationError("Username must not be empty!")

if not username or not isinstance(username, str):
raise AuthenticationError("Please provide a valid username")
user = get_user_by_name(username, session=session)
if not user:
user = create_user(
Expand Down

0 comments on commit 0c98f55

Please sign in to comment.