openclaw/helpyourneighbour
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

auto(agent): Improved error handling and input validation in addresses.js

Browse source
This commit is contained in:
OpenClaw 2026-03-06 17:44:32 +00:00
parent cd7fa3bac2
commit 4ee009a730
1 changed files with 116 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

59
backend/src/routes/addresses.js
View file

@ -9,9 +9,26 @@ const router = Router();
const hashCode = (code) => createHash('sha256').update(code).digest('hex'); const hashCode = (code) => createHash('sha256').update(code).digest('hex');
// Schema for change request validation
const changeRequestSchema = z.object({
newAddress: z.string().min(10).max(500)
});
// Schema for verification request validation
const verifyRequestSchema = z.object({
requestId: z.number().int().positive(),
code: z.string().regex(/^\d{6}$/)
});
router.post('/change-request', requireAuth, async (req, res) => { router.post('/change-request', requireAuth, async (req, res) => {
const parsed = z.object({ newAddress: z.string().min(10).max(500) }).safeParse(req.body); try {
if (!parsed.success) return res.status(400).json({ error: parsed.error.flatten() }); const parsed = changeRequestSchema.safeParse(req.body);
if (!parsed.success) {
return res.status(400).json({
error: 'Invalid input data',
details: parsed.error.flatten()
});
}
// Check if user already has an address // Check if user already has an address
try { try {
@ -21,11 +38,15 @@ router.post('/change-request', requireAuth, async (req, res) => {
); );
if (existingRows.length === 0) { if (existingRows.length === 0) {
return res.status(400).json({ error: 'User must have an existing address to request a change' }); return res.status(400).json({
error: 'User must have an existing address to request a change'
});
} }
} catch (err) { } catch (err) {
console.error('Error checking existing address:', err); console.error('Error checking existing address:', err);
return res.status(500).json({ error: 'Internal server error' }); return res.status(500).json({
error: 'Internal server error while checking existing address'
});
} }
const verificationCode = String(randomInt(100000, 999999)); const verificationCode = String(randomInt(100000, 999999));
@ -46,13 +67,27 @@ router.post('/change-request', requireAuth, async (req, res) => {
}); });
} catch (err) { } catch (err) {
console.error('Error in address change request:', err); console.error('Error in address change request:', err);
return res.status(500).json({ error: 'Internal server error' }); return res.status(500).json({
error: 'Internal server error while processing address change request'
});
}
} catch (err) {
console.error('Unexpected error in change-request route:', err);
return res.status(500).json({
error: 'Unexpected internal server error'
});
} }
}); });
router.post('/verify', requireAuth, async (req, res) => { router.post('/verify', requireAuth, async (req, res) => {
const parsed = z.object({ requestId: z.number().int().positive(), code: z.string().regex(/^\d{6}$/) }).safeParse(req.body); try {
if (!parsed.success) return res.status(400).json({ error: parsed.error.flatten() }); const parsed = verifyRequestSchema.safeParse(req.body);
if (!parsed.success) {
return res.status(400).json({
error: 'Invalid input data',
details: parsed.error.flatten()
});
}
const { requestId, code } = parsed.data; const { requestId, code } = parsed.data;
@ -102,7 +137,15 @@ router.post('/verify', requireAuth, async (req, res) => {
res.json({ status: 'verified' }); res.json({ status: 'verified' });
} catch (err) { } catch (err) {
console.error('Error in address verification:', err); console.error('Error in address verification:', err);
return res.status(500).json({ error: 'Internal server error' }); return res.status(500).json({
error: 'Internal server error while verifying address'
});
}
} catch (err) {
console.error('Unexpected error in verify route:', err);
return res.status(500).json({
error: 'Unexpected internal server error'
});
} }
}); });