validation token valid query checking

src/modules/api/submodules/userManagement.ts

@@ -18,7 +18,7 @@
 
  ------------------------------------------------------------------------- */
 
-import { v4 as uuidv4, v5 } from 'uuid'
+import { v4 as uuidv4, v5, validate as validateuuid } from 'uuid'
 import type { Database } from 'better-sqlite3'
 
 import logger from '../../../utils/logger'
@@ -288,7 +288,7 @@ function setup(data: SubmoduleData): Submodule {
             const user: User = req.session.user
             const { token, userid } = req.query
 
-            if (token && userid) {
+            if (validateuuid(token) && !Number.isNaN(+userid)) {
                 const specifiedUser: User = dbtools.Select(userDB, 'users', {
                     id: +userid,
                 })[0]
@@ -305,6 +305,9 @@ function setup(data: SubmoduleData): Submodule {
                 res.json({
                     result: 'success',
                     key: key,
+                    ...((token || userid) && {
+                        msg: 'userid or token was provided, but was invalid',
+                    }),
                 })
             }
         }

submodules/qmining-page

@@ -1 +1 @@
-Subproject commit ce63911b68e5604c02f5761dd4b5388272b76c6f
+Subproject commit 32522097c0c0f442e93e00b54ed5dad495f8b093