Validate 'from' and 'to' tokens in client /messages endpoint

2021-09-06 16:08:49 +02:00 · 2021-09-06 16:08:49 +02:00 · 224201ae2f
commit 224201ae2f
parent 659fa17053
3 changed files with 8 additions and 11 deletions
--- a/lib/architex_web/client/controllers/room_controller.ex
+++ b/lib/architex_web/client/controllers/room_controller.ex
@ -241,8 +241,8 @@ defmodule ArchitexWeb.Client.RoomController do
          {events, start, end_} = Room.get_messages(room, request)
          events = Enum.map(events, &Event.Formatters.for_client/1)
          data = %{chunk: events}
-          data = if start, do: Map.put(data, :start, start), else: data
-          data = if end_, do: Map.put(data, :end, end_), else: data
+          data = if start, do: Map.put(data, :start, Integer.to_string(start)), else: data
+          data = if end_, do: Map.put(data, :end, Integer.to_string(end_)), else: data

          conn
          |> put_status(200)
--- a/lib/architex_web/client/request/messages.ex
+++ b/lib/architex_web/client/request/messages.ex
@ -17,5 +17,7 @@ defmodule ArchitexWeb.Client.Request.Messages do
    |> Architex.validate_not_nil([:from])
    |> validate_inclusion(:dir, ["b", "f"])
    |> validate_number(:limit, greater_than: 0)
+    |> validate_format(:from, ~r/^[0-9]*$/)
+    |> validate_format(:to, ~r/^[0-9]+$/)
  end
 end