diff --git a/backend/package.json b/backend/package.json index 0b62f65..53df1d6 100644 --- a/backend/package.json +++ b/backend/package.json @@ -1,6 +1,6 @@ { "name": "arka", - "version": "1.5.1", + "version": "1.5.2", "description": "ARKA - (Albanian for Cashier's case) is the first open source Paymaster as a service software", "type": "module", "directories": { diff --git a/backend/src/routes/deposit-route.ts b/backend/src/routes/deposit-route.ts index 8994192..f02e382 100644 --- a/backend/src/routes/deposit-route.ts +++ b/backend/src/routes/deposit-route.ts @@ -51,7 +51,7 @@ const depositRoutes: FastifyPluginAsync = async (server) => { const amount = body.params[0]; const chainId = query['chainId'] ?? body.params[1]; const api_key = query['apiKey'] ?? body.params[2]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -112,7 +112,7 @@ const depositRoutes: FastifyPluginAsync = async (server) => { const amount = body.params[0]; const chainId = query['chainId'] ?? body.params[1]; const api_key = query['apiKey'] ?? body.params[2]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; diff --git a/backend/src/routes/metadata-routes.ts b/backend/src/routes/metadata-routes.ts index 824648f..83f876b 100644 --- a/backend/src/routes/metadata-routes.ts +++ b/backend/src/routes/metadata-routes.ts @@ -34,8 +34,7 @@ const metadataRoutes: FastifyPluginAsync = async (server) => { const query: any = request.query; const chainId = query['chainId'] ?? 1; const api_key = query['apiKey']; - - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) if (!chainId) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_DATA }) diff --git a/backend/src/routes/paymaster-routes.ts b/backend/src/routes/paymaster-routes.ts index 318f246..6a7f2df 100644 --- a/backend/src/routes/paymaster-routes.ts +++ b/backend/src/routes/paymaster-routes.ts @@ -70,7 +70,7 @@ const paymasterRoutes: FastifyPluginAsync = async (server) => { } } } - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) if (!SUPPORTED_ENTRYPOINTS.EPV_06?.includes(entryPoint) && !SUPPORTED_ENTRYPOINTS.EPV_07?.includes(entryPoint)) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.UNSUPPORTED_ENTRYPOINT }) diff --git a/backend/src/routes/pimlico-routes.ts b/backend/src/routes/pimlico-routes.ts index 35f9654..1ec4644 100644 --- a/backend/src/routes/pimlico-routes.ts +++ b/backend/src/routes/pimlico-routes.ts @@ -47,7 +47,7 @@ const pimlicoRoutes: FastifyPluginAsync = async (server) => { const gasToken = context ? context.token : null; const chainId = query['chainId'] ?? body.params[2]; const api_key = query['apiKey'] ?? body.params[3]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let customPaymasters = []; let privateKey = ''; diff --git a/backend/src/routes/whitelist-routes.ts b/backend/src/routes/whitelist-routes.ts index f4469bb..6f630e7 100644 --- a/backend/src/routes/whitelist-routes.ts +++ b/backend/src/routes/whitelist-routes.ts @@ -38,7 +38,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const address = body.params[0]; const chainId = query['chainId'] ?? body.params[1]; const api_key = query['apiKey'] ?? body.params[2]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -105,7 +105,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const address = body.params[0]; const chainId = query['chainId'] ?? body.params[1]; const api_key = query['apiKey'] ?? body.params[2]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -169,7 +169,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const accountAddress = body.params[0]; const chainId = query['chainId'] ?? body.params[1]; const api_key = query['apiKey'] ?? body.params[2]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -232,7 +232,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const policyId = body.params[1]; const chainId = query['chainId'] ?? body.params[2]; const api_key = query['apiKey'] ?? body.params[3]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -310,7 +310,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const policyId = body.params[1]; const chainId = query['chainId'] ?? body.params[2]; const api_key = query['apiKey'] ?? body.params[3]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -372,7 +372,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const address = body.params[0]; const policyId = body.params[1]; const api_key = query['apiKey'] ?? body.params[2]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; const apiKeyEntity: APIKey | null = await server.apiKeyRepository.findOneByApiKey(api_key); @@ -449,7 +449,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const policyId = body.params[0]; const chainId = query['chainId'] ?? body.params[1]; const api_key = query['apiKey'] ?? body.params[2]; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -509,7 +509,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const chainId = query['chainId']; const api_key = query['apiKey']; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -577,7 +577,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const query: any = request.query; const chainId = query['chainId']; const api_key = query['apiKey']; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks; @@ -648,7 +648,7 @@ const whitelistRoutes: FastifyPluginAsync = async (server) => { const query: any = request.query; const chainId = query['chainId']; const api_key = query['apiKey']; - if (!api_key) + if (!api_key || typeof(api_key) !== "string") return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY }) let privateKey = ''; let supportedNetworks;