chore: add simple validation to the sign-transaction server sign requ…

…est body
input-output-hk · Apr 7, 2021 · f0ce539 · f0ce539
1 parent 85d5037
commit f0ce539
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 5 deletions.
diff --git a/examples/postman/package-lock.json b/examples/postman/package-lock.json
diff --git a/examples/postman/package.json b/examples/postman/package.json
@@ -12,6 +12,7 @@
   "type": "module",
   "dependencies": {
     "express": "^4.17.1",
+    "express-validator": "^6.10.0",
     "tweetnacl": "^1.0.3"
   }
 }
diff --git a/examples/postman/sign-transaction-server.js b/examples/postman/sign-transaction-server.js
@@ -1,15 +1,20 @@
 import express from 'express';
+import { body, validationResult } from 'express-validator';
 import NaCl from 'tweetnacl';
 
 const app = express();
 app.use(express.json({ limit: "1mb" }));
 
-app.post("/sign", (req, res) => {
-
-    const private_key = req.body.private_key;
-    const public_key = req.body.public_key;
-    const hex_bytes = req.body.hex_bytes;
+app.post(
+  "/sign",
+  body(['private_key', 'public_key', 'hex_bytes']).isString().notEmpty(),
+  (req, res) => {
+    const errors = validationResult(req);
+    if (!errors.isEmpty()) {
+      return res.status(400).json({ errors: errors.array() });
+    }
 
+    const { private_key, public_key, hex_bytes } = req.body;
     const key_pair = NaCl.sign.keyPair.fromSecretKey(Buffer.from(private_key+public_key, "hex"));
     const secret_key = key_pair.secretKey;