From 12a9ad28fdbea9b55da3b9a7f047f6407c2b50e0 Mon Sep 17 00:00:00 2001
From: Derrick Hammer <derrick@derrickhammer.com>
Date: Tue, 26 Mar 2024 17:04:16 -0400
Subject: [PATCH] fix: check if email or token is empty

---
 api/account/account.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/api/account/account.go b/api/account/account.go
index ba20214..3ad63a5 100644
--- a/api/account/account.go
+++ b/api/account/account.go
@@ -5,6 +5,7 @@ import (
 	"crypto/ed25519"
 	"embed"
 	_ "embed"
+	"errors"
 	"io/fs"
 	"net/http"
 	"strings"
@@ -164,6 +165,11 @@ func (a AccountAPI) verifyEmail(jc jape.Context) {
 		return
 	}
 
+	if request.Email == "" || request.Token == "" {
+		_ = jc.Error(errors.New("invalid request"), http.StatusBadRequest)
+		return
+	}
+
 	err := a.accounts.VerifyEmail(request.Email, request.Token)
 
 	if jc.Check("failed to verify email", err) != nil {