github/umami
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

API security updates.

Browse Source
This commit is contained in:
Mike Cao
2020-09-11 13:49:43 -07:00
parent 01432266ef
commit 8e3286179a
7 changed files with 115 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
pages/api/account/[id].js
View File

@@ -9,24 +9,20 @@ export default async (req, res) => {
const { id } = req.query;
const user_id = +id;
if (req.method === 'GET') {
if (is_admin) {
const account = await getAccountById(user_id);
return ok(res, account);
}
if (is_admin) {
return unauthorized(res);
}
if (req.method === 'GET') {
const account = await getAccountById(user_id);
return ok(res, account);
}
if (req.method === 'DELETE') {
if (is_admin) {
await deleteAccount(user_id);
await deleteAccount(user_id);
return ok(res);
}
return unauthorized(res);
return ok(res);
}
return methodNotAllowed(res);