diff options
| author | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-10-05 01:17:00 +1100 |
|---|---|---|
| committer | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-10-05 01:30:37 +1100 |
| commit | ca9d09bb226e49e9215bd629c2218a93529ea2ae (patch) | |
| tree | 02ccb558c5ae6075dafd542fb7e4193c96b1e558 /src | |
| parent | Add the automatic install script, thanks @Haydaralqassam (diff) | |
| download | server-ca9d09bb226e49e9215bd629c2218a93529ea2ae.tar.xz | |
Check nonce in Message send
Diffstat (limited to 'src')
| -rw-r--r-- | src/api/routes/channels/#channel_id/messages/index.ts | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/api/routes/channels/#channel_id/messages/index.ts b/src/api/routes/channels/#channel_id/messages/index.ts index 747701db..e0c91b8a 100644 --- a/src/api/routes/channels/#channel_id/messages/index.ts +++ b/src/api/routes/channels/#channel_id/messages/index.ts @@ -201,6 +201,19 @@ router.post( ); } + if (body.nonce) { + const existing = await Message.findOne({ + where: { + nonce: body.nonce, + channel_id: channel.id, + author_id: req.user_id + } + }); + if (existing) { + return res.json(existing); + } + } + const files = (req.files as Express.Multer.File[]) ?? []; for (var currFile of files) { try { |