From 1d2777c5a4f6c97753458fba7c7bfe12158bc864 Mon Sep 17 00:00:00 2001
From: Carlos Quintana <74399022+cquintana92@users.noreply.github.com>
Date: Fri, 7 Feb 2025 11:29:52 +0100
Subject: [PATCH] fix: add type check on create custom alias api (#2385)

---
 app/api/views/new_custom_alias.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/app/api/views/new_custom_alias.py b/app/api/views/new_custom_alias.py
index 94d48a99..11ce227c 100644
--- a/app/api/views/new_custom_alias.py
+++ b/app/api/views/new_custom_alias.py
@@ -62,8 +62,17 @@ def new_custom_alias_v2():
     if not data:
         return jsonify(error="request body cannot be empty"), 400
 
-    alias_prefix = data.get("alias_prefix", "").strip().lower().replace(" ", "")
-    signed_suffix = data.get("signed_suffix", "").strip()
+    alias_prefix = data.get("alias_prefix", "")
+    if not isinstance(alias_prefix, str) or not alias_prefix:
+        return jsonify(error="invalid value for alias_prefix"), 400
+
+    alias_prefix = alias_prefix.strip().lower().replace(" ", "")
+    signed_suffix = data.get("signed_suffix", "")
+    if not isinstance(signed_suffix, str) or not signed_suffix:
+        return jsonify(error="invalid value for signed_suffix"), 400
+
+    signed_suffix = signed_suffix.strip()
+
     note = data.get("note")
     alias_prefix = convert_to_id(alias_prefix)