aboutsummaryrefslogtreecommitdiffstats
path: root/cmd
diff options
context:
space:
mode:
authorPéter Szilágyi <peterke@gmail.com>2017-04-16 23:49:06 +0800
committerPéter Szilágyi <peterke@gmail.com>2017-04-16 23:49:06 +0800
commitcb3f5f8b932156df9078085e77bef493eca1581b (patch)
tree06e46224bd248a0f742419e83b0b74c2127421a3 /cmd
parentc7a4d9cf8ae307a94d16dd8197824eecd320cdf7 (diff)
downloadgo-tangerine-cb3f5f8b932156df9078085e77bef493eca1581b.tar
go-tangerine-cb3f5f8b932156df9078085e77bef493eca1581b.tar.gz
go-tangerine-cb3f5f8b932156df9078085e77bef493eca1581b.tar.bz2
go-tangerine-cb3f5f8b932156df9078085e77bef493eca1581b.tar.lz
go-tangerine-cb3f5f8b932156df9078085e77bef493eca1581b.tar.xz
go-tangerine-cb3f5f8b932156df9078085e77bef493eca1581b.tar.zst
go-tangerine-cb3f5f8b932156df9078085e77bef493eca1581b.zip
cmd/faucet: double check user against the GH website
Diffstat (limited to 'cmd')
-rw-r--r--cmd/faucet/faucet.go13
1 files changed, 12 insertions, 1 deletions
diff --git a/cmd/faucet/faucet.go b/cmd/faucet/faucet.go
index fd34cdec1..c418da818 100644
--- a/cmd/faucet/faucet.go
+++ b/cmd/faucet/faucet.go
@@ -306,7 +306,7 @@ func (f *faucet) apiHandler(conn *websocket.Conn) {
websocket.JSON.Send(conn, map[string]string{"error": "URL doesn't link to GitHub Gists"})
continue
}
- log.Info("Faucet funds requested", "gist", msg.URL)
+ log.Info("Faucet funds requested", "addr", conn.RemoteAddr(), "gist", msg.URL)
// Retrieve the gist from the GitHub Gist APIs
parts := strings.Split(msg.URL, "/")
@@ -348,6 +348,17 @@ func (f *faucet) apiHandler(conn *websocket.Conn) {
websocket.JSON.Send(conn, map[string]string{"error": "No Ethereum address found to fund"})
continue
}
+ // Validate the user's existence since the API is unhelpful here
+ if res, err = http.Head("https://github.com/%s", gist.Owner.Login); err != nil {
+ websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
+ continue
+ }
+ res.Body.Close()
+
+ if res.StatusCode != 200 {
+ websocket.JSON.Send(conn, map[string]string{"error": "Invalid user... boom!"})
+ continue
+ }
// Ensure the user didn't request funds too recently
f.lock.Lock()
var (