Check username/password.

2021-10-03 20:44:02 -07:00
parent 20b8f59b76
commit 8bebbca413
2 changed files with 9 additions and 5 deletions
--- a/pages/api/auth/login.js
+++ b/pages/api/auth/login.js
@@ -2,11 +2,15 @@ import { serialize } from 'cookie';
 import { checkPassword, createSecureToken } from 'lib/crypto';
 import { getAccountByUsername } from 'lib/queries';
 import { AUTH_COOKIE_NAME } from 'lib/constants';
-import { ok, unauthorized } from 'lib/response';
+import { ok, unauthorized, badRequest } from 'lib/response';

 export default async (req, res) => {
  const { username, password } = req.body;

+  if (!username || !password) {
+    return badRequest(res);
+  }
+
  const account = await getAccountByUsername(username);

  if (account && (await checkPassword(password, account.password))) {