diff --git a/server/models/embedChats.js b/server/models/embedChats.js
index 77b720105..1c46f6d4a 100644
--- a/server/models/embedChats.js
+++ b/server/models/embedChats.js
@@ -15,7 +15,7 @@ const EmbedChats = {
embed_id: Number(embedId),
response: JSON.stringify(response),
connection_information: JSON.stringify(connection_information),
- session_id: sessionId,
+ session_id: String(sessionId),
},
});
return { chat, message: null };
@@ -36,8 +36,8 @@ const EmbedChats = {
try {
const chats = await prisma.embed_chats.findMany({
where: {
- embed_id: embedId,
- session_id: sessionId,
+ embed_id: Number(embedId),
+ session_id: String(sessionId),
include: true,
},
...(limit !== null ? { take: limit } : {}),
@@ -56,8 +56,8 @@ const EmbedChats = {
try {
await prisma.embed_chats.updateMany({
where: {
- embed_id: embedId,
- session_id: sessionId,
+ embed_id: Number(embedId),
+ session_id: String(sessionId),
},
data: {
include: false,
diff --git a/server/utils/middleware/embedMiddleware.js b/server/utils/middleware/embedMiddleware.js
index e9d1c3eae..013ef1252 100644
--- a/server/utils/middleware/embedMiddleware.js
+++ b/server/utils/middleware/embedMiddleware.js
@@ -1,4 +1,4 @@
-const { v4: uuidv4 } = require("uuid");
+const { v4: uuidv4, validate } = require("uuid");
const { VALID_CHAT_MODE } = require("../chats/stream");
const { EmbedChats } = require("../../models/embedChats");
const { EmbedConfig } = require("../../models/embedConfig");
@@ -78,6 +78,17 @@ async function canRespond(request, response, next) {
}
const { sessionId, message } = reqBody(request);
+ if (typeof sessionId !== "string" || !validate(String(sessionId))) {
+ response.status(404).json({
+ id: uuidv4(),
+ type: "abort",
+ textResponse: null,
+ sources: [],
+ close: true,
+ error: "Invalid session ID.",
+ });
+ return;
+ }
if (!message?.length || !VALID_CHAT_MODE.includes(embed.chat_mode)) {
response.status(400).json({