From 64414a37318b3acc739e24841bf36f4026db2295 Mon Sep 17 00:00:00 2001 From: rubenwardy Date: Sat, 30 Mar 2024 17:06:32 +0000 Subject: [PATCH] Check that GitHub doesn't pass a null user id --- app/blueprints/github/__init__.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/blueprints/github/__init__.py b/app/blueprints/github/__init__.py index 25fac41c..f21c5563 100644 --- a/app/blueprints/github/__init__.py +++ b/app/blueprints/github/__init__.py @@ -68,9 +68,11 @@ def callback(oauth_token): json = r.json() user_id = json["id"] username = json["login"] + if type(user_id) is not int: + abort(400) # Get user by GitHub user ID - userByGithub = User.query.filter(User.github_user_id == user_id).first() + userByGithub = User.query.filter(User.github_user_id == user_id).one_or_none() # If logged in, connect if current_user and current_user.is_authenticated: