From 91b0e4e42dd4d52aa199632fc5597e768cce8f5f Mon Sep 17 00:00:00 2001
From: Bradley Hilton <graywolf336@craftyn.com>
Date: Thu, 12 Nov 2020 05:27:56 -0600
Subject: [PATCH] [FIX] Cloud Register Allowing Empty Tokens (#19501)

---
 app/cloud/server/functions/connectWorkspace.js | 6 ++++++
 app/cloud/server/methods.js                    | 4 ++++
 2 files changed, 10 insertions(+)

diff --git a/app/cloud/server/functions/connectWorkspace.js b/app/cloud/server/functions/connectWorkspace.js
index 17872bbce58..6e428803dc0 100644
--- a/app/cloud/server/functions/connectWorkspace.js
+++ b/app/cloud/server/functions/connectWorkspace.js
@@ -13,6 +13,12 @@ export function connectWorkspace(token) {
 		Settings.updateValueById('Register_Server', true);
 	}
 
+	// shouldn't get here due to checking this on the method
+	// but this is just to double check
+	if (!token) {
+		return new Error('Invalid token; the registration token is required.');
+	}
+
 	const redirectUri = getRedirectUri();
 
 	const regInfo = {
diff --git a/app/cloud/server/methods.js b/app/cloud/server/methods.js
index 7e64e5d889d..7723566601f 100644
--- a/app/cloud/server/methods.js
+++ b/app/cloud/server/methods.js
@@ -70,6 +70,10 @@ Meteor.methods({
 			throw new Meteor.Error('error-not-authorized', 'Not authorized', { method: 'cloud:connectServer' });
 		}
 
+		if (!token) {
+			throw new Meteor.Error('error-invalid-payload', 'Token is required.', { method: 'cloud:connectServer' });
+		}
+
 		return connectWorkspace(token);
 	},
 	'cloud:disconnectWorkspace'() {