From f17102de9e05a3f745adc8445648c202ab56cb96 Mon Sep 17 00:00:00 2001
From: Daniel Lugo <danlugo92@gmail.com>
Date: Fri, 21 Aug 2020 14:16:39 -0400
Subject: [PATCH] validation

---
 src/routes.js | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/routes.js b/src/routes.js
index 9f06225c..e1d63bfa 100644
--- a/src/routes.js
+++ b/src/routes.js
@@ -1174,6 +1174,22 @@ module.exports = async (
         })
       }
 
+      const amount = Number(amt)
+
+      if (!isARealUsableNumber(amount)) {
+        return res.status(400).json({
+          field: 'amt',
+          errorMessage: 'Not an usable number'
+        })
+      }
+
+      if (amount < 1) {
+        return res.status(400).json({
+          field: 'amt',
+          errorMessage: 'Must be 1 or greater.'
+        })
+      }
+
       return res
         .status(200)
         .json(await GunActions.sendSpontaneousPayment(to, amt, memo, feeLimit))