Add bio base64 verification

Signed-off-by: Asai Neko <sugar@sne.moe>

internal/cryptography/base64.go

@@ -0,0 +1,20 @@
+package cryptography
+
+import (
+	"encoding/base64"
+	"strings"
+)
+
+func IsBase64Std(s string) bool {
+	if s == "" {
+		return false
+	}
+
+	s = strings.TrimSpace(s)
+	if len(s)%4 != 0 {
+		return false
+	}
+
+	_, err := base64.StdEncoding.Strict().DecodeString(s)
+	return err == nil
+}

service/user/update.go

@@ -2,6 +2,7 @@ package user
 
 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/cryptography"
 
 	"github.com/gin-gonic/gin"
 	"github.com/google/uuid"
@@ -37,6 +38,13 @@ func Update(c *gin.Context) {
 	user.Nickname = ReqInfo.Nickname
 	user.Subtitle = ReqInfo.Subtitle
 
+	if ReqInfo.Bio != "" {
+		if !cryptography.IsBase64Std(ReqInfo.Bio) {
+			c.JSON(400, gin.H{"status": "invalid base64"})
+		}
+	}
+	user.Bio = ReqInfo.Bio
+
 	// Update user info
 	user.UpdateByUserID(userId)