2 files changed, 6 insertions, 7 deletions

diff --git a/src/server/ApiManagers/SessionManager.ts b/src/server/ApiManagers/SessionManager.ts
index a99aa05e0..f1629b8f0 100644
--- a/src/server/ApiManagers/SessionManager.ts
+++ b/src/server/ApiManagers/SessionManager.ts
@@ -8,16 +8,15 @@ const permissionError = "You are not authorized!";
 
 export default class SessionManager extends ApiManager {
 
-    private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add("sessionKey", ...params);
+    private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add("session_key", ...params);
 
     private authorizedAction = (handler: SecureHandler) => {
         return (core: AuthorizedCore) => {
-            const { req, res, isRelease } = core;
-            const { sessionKey } = req.params;
+            const { req: { params }, res, isRelease } = core;
             if (!isRelease) {
                 return res.send("This can be run only on the release server.");
             }
-            if (sessionKey !== process.env.session_key) {
+            if (params.session_key !== process.env.session_key) {
                 return _permission_denied(res, permissionError);
             }
             return handler(core);
diff --git a/src/server/RouteManager.ts b/src/server/RouteManager.ts
index d072b7709..6bc75ca21 100644
--- a/src/server/RouteManager.ts
+++ b/src/server/RouteManager.ts
@@ -68,7 +68,7 @@ export default class RouteManager {
                 console.log('please remove all duplicate routes before continuing');
             }
             if (malformedCount) {
-                console.log(`please ensure all routes adhere to ^\/$|^\/[A-Za-z]+(\/\:[A-Za-z?]+)*$`);
+                console.log(`please ensure all routes adhere to ^\/$|^\/[A-Za-z]+(\/\:[A-Za-z?_]+)*$`);
             }
             process.exit(1);
         } else {
@@ -133,7 +133,7 @@ export default class RouteManager {
             } else {
                 route = subscriber.build;
             }
-            if (!/^\/$|^\/[A-Za-z]+(\/\:[A-Za-z?]+)*$/g.test(route)) {
+            if (!/^\/$|^\/[A-Za-z]+(\/\:[A-Za-z?_]+)*$/g.test(route)) {
                 this.failedRegistrations.push({
                     reason: RegistrationError.Malformed,
                     route
@@ -198,5 +198,5 @@ export function _permission_denied(res: Response, message?: string) {
     if (message) {
         res.statusMessage = message;
     }
-    res.status(STATUS.BAD_REQUEST).send("Permission Denied!");
+    res.status(STATUS.PERMISSION_DENIED).send("Permission Denied!");
 }