added store unit test for user.GetByAuth and added password length checking in api.login

author: JoramWilander <jwawilander@gmail.com> 2015-07-23 08:19:51 -0400
committer: JoramWilander <jwawilander@gmail.com> 2015-07-23 08:19:51 -0400
commit: d42d0e3467c8eec38fdca429ba9ba5ac2af68db8 (patch)
tree: 0f1d6d24162d049e4fa847cf95aeb51d79003213 /api
parent: fabdc9a32661fd0410560ca918f5302249f9cfad (diff)
download: chat-d42d0e3467c8eec38fdca429ba9ba5ac2af68db8.tar.gz
chat-d42d0e3467c8eec38fdca429ba9ba5ac2af68db8.tar.bz2
chat-d42d0e3467c8eec38fdca429ba9ba5ac2af68db8.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/api/user.go b/api/user.go
index 03f8b9e3e..e1d5e83dd 100644
--- a/api/user.go
+++ b/api/user.go
@@ -370,6 +370,12 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
 func login(c *Context, w http.ResponseWriter, r *http.Request) {
 	props := model.MapFromJson(r.Body)
 
+	if len(props["password"]) == 0 {
+		c.Err = model.NewAppError("login", "Password field must not be blank", "")
+		c.Err.StatusCode = http.StatusForbidden
+		return
+	}
+
 	var user *model.User
 	if len(props["id"]) != 0 {
 		user = LoginById(c, w, r, props["id"], props["password"], props["device_id"])
author	JoramWilander <jwawilander@gmail.com>	2015-07-23 08:19:51 -0400
committer	JoramWilander <jwawilander@gmail.com>	2015-07-23 08:19:51 -0400
commit	d42d0e3467c8eec38fdca429ba9ba5ac2af68db8 (patch)
tree	0f1d6d24162d049e4fa847cf95aeb51d79003213 /api
parent	fabdc9a32661fd0410560ca918f5302249f9cfad (diff)
download	chat-d42d0e3467c8eec38fdca429ba9ba5ac2af68db8.tar.gz chat-d42d0e3467c8eec38fdca429ba9ba5ac2af68db8.tar.bz2 chat-d42d0e3467c8eec38fdca429ba9ba5ac2af68db8.zip