refactor scoped token service

author: Rigel Kent <sendmemail@rigelk.eu> 2020-11-09 16:25:27 +0100
committer: Chocobozzz <chocobozzz@cpy.re> 2020-11-25 11:07:56 +0100
commit: 5beb89f223539f1e415a976ff104f772526b4d20 (patch)
tree: 2164677d16a2965d63499e249aa75ab0e06e3a6c /server/middlewares
parent: afff310e50f2fa8419bb4242470cbde46ab54463 (diff)
download: PeerTube-5beb89f223539f1e415a976ff104f772526b4d20.tar.gz
PeerTube-5beb89f223539f1e415a976ff104f772526b4d20.tar.zst
PeerTube-5beb89f223539f1e415a976ff104f772526b4d20.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/server/middlewares/validators/feeds.ts b/server/middlewares/validators/feeds.ts
index 5c76a679f..35080ffca 100644
--- a/server/middlewares/validators/feeds.ts
+++ b/server/middlewares/validators/feeds.ts
@@ -64,8 +64,8 @@ const videoFeedsValidator = [
 ]
 const videoSubscriptonFeedsValidator = [
-  query('accountId').optional().custom(isIdValid),
+  query('accountId').custom(isIdValid),
-  query('token').optional(),
+  query('token'),
  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking feeds parameters', { parameters: req.query })
@@ -74,6 +74,7 @@ const videoSubscriptonFeedsValidator = [
    // a token alone is erroneous
    if (req.query.token && !req.query.accountId) return
+    if (req.query.accountId && !await doesAccountIdExist(req.query.accountId, res)) return
    if (req.query.token && !await doesUserFeedTokenCorrespond(res.locals.account.userId, req.query.token, res)) return
    return next()
author	Rigel Kent <sendmemail@rigelk.eu>	2020-11-09 16:25:27 +0100
committer	Chocobozzz <chocobozzz@cpy.re>	2020-11-25 11:07:56 +0100
commit	5beb89f223539f1e415a976ff104f772526b4d20 (patch)
tree	2164677d16a2965d63499e249aa75ab0e06e3a6c /server/middlewares
parent	afff310e50f2fa8419bb4242470cbde46ab54463 (diff)
download	PeerTube-5beb89f223539f1e415a976ff104f772526b4d20.tar.gz PeerTube-5beb89f223539f1e415a976ff104f772526b4d20.tar.zst PeerTube-5beb89f223539f1e415a976ff104f772526b4d20.zip