From 849da7bc5345f9bb8538e19a428439a9e310386b Mon Sep 17 00:00:00 2001
From: Kamil Kisiela <kamil.kisiela@gmail.com>
Date: Fri, 4 Nov 2022 13:45:47 +0100
Subject: [PATCH] Cut short all tokens that are not 32 chars long in
 TokenStorage (#600)

---
 .../api/src/modules/token/providers/token-storage.ts         | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/packages/services/api/src/modules/token/providers/token-storage.ts b/packages/services/api/src/modules/token/providers/token-storage.ts
index f255aa21c..f8604fb97 100644
--- a/packages/services/api/src/modules/token/providers/token-storage.ts
+++ b/packages/services/api/src/modules/token/providers/token-storage.ts
@@ -127,6 +127,11 @@ export class TokenStorage {
 
   @atomic<TokenSelector>(({ token }) => token)
   async getToken({ token }: TokenSelector) {
+    // Tokens are MD5 hashes, so they are always 32 characters long
+    if (token.length !== 32) {
+      throw new HiveError('Invalid token provided!');
+    }
+
     this.logger.debug('Fetching token (token=%s)', maskToken(token));
 
     try {