Make the transaction ID mandatory again (for security issue).

README.md

@@ -53,7 +53,7 @@ To ask authorization, just send an HTTP request to the path ``/auth`` with param
  * __jid__ : JID of the user (user@host/resource or user@host)
  * __domain__ : Domain you want to access
  * __method__ : Method you access the domain
- * transaction_id : Transaction identifier (auto generated if not provide)
+ * __transaction_id__ : Transaction identifier (auto generated if not provide)
  * timeout : Timeout of the request in second (default : 60, max : 300)
 
 __Bold parameters__ are mandatory.

http/http.go

@@ -62,15 +62,15 @@ func authHandler(w http.ResponseWriter, r *http.Request) {
 	jid := strings.Join(r.Form[PARAM_JID], "")
 	method := strings.Join(r.Form[METHOD_ACCESS], "")
 	domain := strings.Join(r.Form[DOMAIN_ACCESS], "")
+	transaction := strings.Join(r.Form[TRANSACTION_ID], "")
 
-	if jid == "" || method == "" || domain == "" {
+	if jid == "" || method == "" || domain == "" || transaction == "" {
 		// If mandatory params is missing
 		log.Printf("%sMandatory params is missing", LogInfo)
 		w.WriteHeader(http.StatusBadRequest)
 		return
 	}
 
-	transaction := strings.Join(r.Form[TRANSACTION_ID], "")
 	timeoutStr := strings.Join(r.Form[TIMEOUTE], "")
 	log.Printf("%sAuth %s", LogInfo, jid)
 	timeout, err := strconv.Atoi(timeoutStr)

httpAuth.cfg

@@ -1,7 +1,7 @@
 # XMPP informations (component)
 xmpp_server_address=192.168.1.2
 xmpp_server_port=5347
-xmpp_jid=xmppsteamm.kingpenguin.tk
+xmpp_jid=xmppsteam.kingpenguin.tk
 xmpp_secret=xmpp4steam_password
 xmpp_debug=true
 xmpp_verify_cert_validity=true