ATlast — you'll never need to find your favorites on another platform again. Find your favs in the ATmosphere.
atproto
16
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix(api): validate JSON body in oauth-start

byarielm.fyi 1db09e9c 9f36b567

verified
+6 -1
+6 -1
packages/api/src/routes/auth.ts
··· 25 25 * Initiates OAuth flow with AT Protocol provider 26 26 */ 27 27 auth.post("/oauth-start", async (c) => { 28 - const body = await c.req.json<{ login_hint?: string }>(); 28 + let body: { login_hint?: string }; 29 + try { 30 + body = await c.req.json<{ login_hint?: string }>(); 31 + } catch { 32 + throw new ValidationError("Invalid or missing JSON body"); 33 + } 29 34 const loginHint = body.login_hint; 30 35 31 36 if (!loginHint) {