diff --git a/routes/create_password.go b/routes/create_password.go index b5b3bd0..d2d8960 100644 --- a/routes/create_password.go +++ b/routes/create_password.go @@ -12,8 +12,8 @@ import ( func CreatePassword(store storage.Store, maxLength int, encoding *base64.Encoding) http.HandlerFunc { return func(res http.ResponseWriter, req *http.Request) { var reqBody struct { - Password string `json:"password"` - ExpiresIn string `json:"expires-in"` + Password string `json:"password"` + ExpiresIn time.Duration `json:"expires-in"` } err := json.NewDecoder(req.Body).Decode(&reqBody) if err != nil { @@ -32,20 +32,14 @@ func CreatePassword(store storage.Store, maxLength int, encoding *base64.Encodin return } - var expiresIn time.Duration - switch reqBody.ExpiresIn { - case "1-hour": - expiresIn = 1 * time.Hour - case "12-hours": - expiresIn = 12 * time.Hour - case "1-day": - expiresIn = 1 * 24 * time.Hour - case "1-week": - expiresIn = 1 * 7 * 24 * time.Hour - case "2-weeks": - expiresIn = 1 * 7 * 24 * time.Hour - default: - http.Error(res, "Bad expires-in", http.StatusBadRequest) + expiresIn := reqBody.ExpiresIn * time.Second + if expiresIn <= 0 { + http.Error(res, "Too short expires-in", http.StatusBadRequest) + return + } + + if expiresIn > 2*7*24*time.Hour { + http.Error(res, "Too long expires-in", http.StatusBadRequest) return } diff --git a/static/index.html b/static/index.html index 7e410f4..ff74b67 100644 --- a/static/index.html +++ b/static/index.html @@ -43,11 +43,11 @@ diff --git a/static/index.js b/static/index.js index ee21acf..5b4c9ae 100644 --- a/static/index.js +++ b/static/index.js @@ -145,7 +145,7 @@ function init() { method: "POST", body: JSON.stringify({ password: encrypted.password, - "expires-in": data.get("expires-in"), + "expires-in": parseInt(data.get("expires-in")), }), }); if (!res.ok) {