Skip to content

Commit

Permalink
Corregida vulnerabilidad en consulta a la base de datos
Browse files Browse the repository at this point in the history
  • Loading branch information
@uo289432
uo289432 committed Apr 10, 2024
1 parent 0b5b229 commit 30188fd
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions userservice/userservice/user-service.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,8 @@ app.post('/adduser', async (req, res) => {
app.get('/updateStats', async (req,res) => {
const { username, numRespuestasCorrectas, numRespuestasIncorrectas} = req.query;
try {
const user = await User.findOne({ username });
query = { username: username.toString() };
const user = await User.findOne(query);
if (!user) {
return res.status(404).json({ success: false, message: 'Usuario no encontrado' });
}
Expand All @@ -65,8 +66,9 @@ app.get('/updateStats', async (req,res) => {

app.get('/getUserData', async (req, res) => {
const { username } = req.query;
query = { username: username.toString() };
try {
const user = await User.findOne({ username });
const user = await User.findOne(query);
if (!user) {
return res.status(404).json({ success: false, message: 'Usuario no encontrado' });
}
Expand Down

0 comments on commit 30188fd

Please sign in to comment.