Add validation of Esisar user ids first.

2020-02-08 14:16:28 +01:00
parent 919a984471
commit d0083a4f57
2 changed files with 64 additions and 7 deletions
--- a/src/route/rest.js
+++ b/src/route/rest.js
@@ -74,7 +74,7 @@ class REST {
    if (!util.isKeyId(q.keyId) || !util.isString(q.nonce)) {
      ctx.throw(400, 'Invalid request!');
    }
-    const {email} = await this._publicKey.verify(q);
+    const {email} = await this._publicKey.verify(q, util.origin(ctx), ctx);
    // create link for sharing
    const link = util.url(util.origin(ctx), `/pks/lookup?op=get&search=${email}`);
    await ctx.render('verify-success', {email, link});