From 737dd9d5cffa2c9ee1fa5b58930f6b2f2b41dac9 Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen <rpm@fthiessen.de>
Date: Wed, 18 Nov 2020 02:48:44 +0100
Subject: [PATCH] [Plugin]auth: Fixed possible issue with POST paramenters on
 login

---
 flaschengeist/models/user.py           | 2 +-
 flaschengeist/plugins/auth/__init__.py | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/flaschengeist/models/user.py b/flaschengeist/models/user.py
index cd1bfce..98a2f4a 100644
--- a/flaschengeist/models/user.py
+++ b/flaschengeist/models/user.py
@@ -68,7 +68,7 @@ class User(db.Model, ModelSerializeMixin):
 
     @property
     def avatar_url(self):
-        return url_for('users.get_avatar', userid=self.userid)
+        return url_for("users.get_avatar", userid=self.userid)
 
     @property
     def roles(self):
diff --git a/flaschengeist/plugins/auth/__init__.py b/flaschengeist/plugins/auth/__init__.py
index 8bd867f..95ba2d3 100644
--- a/flaschengeist/plugins/auth/__init__.py
+++ b/flaschengeist/plugins/auth/__init__.py
@@ -34,9 +34,9 @@ def login():
     logger.debug("Start log in.")
     data = request.get_json()
     try:
-        userid = data["userid"]
-        password = data["password"]
-    except (KeyError, ValueError):
+        userid = str(data["userid"])
+        password = str(data["password"])
+    except (KeyError, ValueError, TypeError):
         raise BadRequest("Missing parameter(s)")
 
     logger.debug("search user {{ {} }} in database".format(userid))