From a96b740a153bcca7c8dfc9dd93393c0a968929e1 Mon Sep 17 00:00:00 2001
From: monoid <qaswedfr55@gmail.com>
Date: Mon, 11 Oct 2021 22:52:03 +0900
Subject: [PATCH] fix type error in login.ts

---
 src/login.ts | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/login.ts b/src/login.ts
index e662231..79dfc48 100644
--- a/src/login.ts
+++ b/src/login.ts
@@ -93,7 +93,7 @@ export const createLoginMiddleware = (userController: UserAccessor) =>
     const secretKey = setting.jwt_secretkey;
     const body = ctx.request.body;
     //check format
-    if (!("username" in body) || !("password" in body)) {
+    if (typeof body == "string" || !("username" in body) || !("password" in body)) {
       return sendError(
         400,
         "invalid form : username or password is not found in query.",
@@ -249,6 +249,9 @@ export const resetPasswordMiddleware = (cntr: UserAccessor) =>
     const username = body['username'];
     const oldpw = body['oldpassword'];
     const newpw = body['newpassword'];
+    if(typeof username !== "string" || typeof oldpw !== "string" || typeof newpw !== "string"){
+      return sendError(400,"request body is invalid format");
+    }
     const user = await cntr.findUser(username);
     if(user === undefined){
       return sendError(403,"not authorized");