From a1f3b468714a1c68d7693c5da76f2014a6c51a18 Mon Sep 17 00:00:00 2001 From: Austin McCalley Date: Wed, 19 Aug 2020 21:47:14 -0700 Subject: [PATCH 1/2] Beginning validation of endpoints --- server/api/points/index.ts | 22 +++++++++++++++------- server/utils/points/validators.ts | 22 ++++++++++++++++++++++ 2 files changed, 37 insertions(+), 7 deletions(-) create mode 100644 server/utils/points/validators.ts diff --git a/server/api/points/index.ts b/server/api/points/index.ts index 2b51165..35c690a 100644 --- a/server/api/points/index.ts +++ b/server/api/points/index.ts @@ -2,7 +2,7 @@ import { Middleware } from 'koa' import Router from 'koa-router' import PointModel, { - PointDocument, + PointDocument, // PointType, } from '../../models/points' @@ -10,16 +10,21 @@ import { Props, } from '@types' + +import { validTopDays, validUserDays, validGetUser } from '../../utils/points/validators' + export default (props: Props): Middleware => { const router = new Router() const { - + } = props - + // TODO: validate input router.get('/:id', async ctx => { + if (!validGetUser(ctx.params)) return ctx.throw(400) + const points: PointDocument[] | null = await PointModel.find({ userID: ctx.params.id }) if (points?.length > 0) ctx.body = points @@ -27,8 +32,11 @@ export default (props: Props): Middleware => { }) router.get('/user/:id/:days', async ctx => { + if (!validUserDays(ctx.params)) return ctx.throw(400) + + const date = new Date(Date.now() - Number(ctx.params.days) * 24 * 60 * 60 * 1000) - + const points: PointDocument[] | null = await PointModel.find({ userID: ctx.params.id, createdAt: { $gte: date.toISOString() }, @@ -39,16 +47,16 @@ export default (props: Props): Middleware => { }) router.get('/top/:days', async ctx => { - const date = new Date(Date.now() - Number(ctx.params.days) * 24 * 60 * 60 * 1000) + if (!validTopDays(ctx.params)) return ctx.throw(400) - /* TODO: Type all of this */ + const date = new Date(Date.now() - Number(ctx.params.days) * 24 * 60 * 60 * 1000) const { results } = await PointModel.mapReduce({ map: "function () { emit(this.userID, this.amount) }", reduce: "function (_, values) { return Array.sum(values) }", query: { - createdAt: { + createdAt: { $gte: date.toISOString(), }, }, diff --git a/server/utils/points/validators.ts b/server/utils/points/validators.ts new file mode 100644 index 0000000..d4e9c5c --- /dev/null +++ b/server/utils/points/validators.ts @@ -0,0 +1,22 @@ +const validGetUser = (params): boolean => { + if (!Object.keys(params).includes('id')) return false + + return true +} + +const validUserDays = (params): boolean => { + if (!Object.keys(params).includes('days')) return false + if (typeof params.days !== 'number') return false + + return true +} + +const validTopDays = (params): boolean => { + if (!Object.keys(params).includes('days')) return false + if (typeof params.days !== 'number') return false + + return true +} + + +export { validGetUser, validUserDays, validTopDays } From 1e077a07303338f042bbb288a46e377acead0853 Mon Sep 17 00:00:00 2001 From: Austin McCalley Date: Wed, 19 Aug 2020 21:52:31 -0700 Subject: [PATCH 2/2] Fixed types --- server/utils/points/validators.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/utils/points/validators.ts b/server/utils/points/validators.ts index d4e9c5c..fbcfb35 100644 --- a/server/utils/points/validators.ts +++ b/server/utils/points/validators.ts @@ -6,14 +6,14 @@ const validGetUser = (params): boolean => { const validUserDays = (params): boolean => { if (!Object.keys(params).includes('days')) return false - if (typeof params.days !== 'number') return false + if (typeof params.days !== 'string') return false return true } const validTopDays = (params): boolean => { if (!Object.keys(params).includes('days')) return false - if (typeof params.days !== 'number') return false + if (typeof params.days !== 'string') return false return true }