fix: route delete through user router
This commit is contained in:
@@ -89,7 +89,7 @@ func (h *Handler) HandleAddUserForm(w http.ResponseWriter, r *http.Request) {
|
|||||||
func (h *Handler) HandleDeleteUserRouter(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) HandleDeleteUserRouter(w http.ResponseWriter, r *http.Request) {
|
||||||
path := r.URL.Path
|
path := r.URL.Path
|
||||||
path = strings.TrimPrefix(path, "/admin/users/delete/")
|
path = strings.TrimPrefix(path, "/admin/users/delete/")
|
||||||
|
|
||||||
if path == "" {
|
if path == "" {
|
||||||
writeInlineError(w, "Invalid user ID")
|
writeInlineError(w, "Invalid user ID")
|
||||||
return
|
return
|
||||||
@@ -130,6 +130,8 @@ func (h *Handler) HandleDeleteUserRouter(w http.ResponseWriter, r *http.Request)
|
|||||||
func (h *Handler) HandleUserRouter(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) HandleUserRouter(w http.ResponseWriter, r *http.Request) {
|
||||||
path := r.URL.Path
|
path := r.URL.Path
|
||||||
switch {
|
switch {
|
||||||
|
case strings.HasSuffix(path, "/delete"):
|
||||||
|
h.HandleDeleteUserRouter(w, r)
|
||||||
case strings.HasSuffix(path, "/watchlist"):
|
case strings.HasSuffix(path, "/watchlist"):
|
||||||
h.HandleUserWatchlist(w, r)
|
h.HandleUserWatchlist(w, r)
|
||||||
case strings.HasSuffix(path, "/continue-watching"):
|
case strings.HasSuffix(path, "/continue-watching"):
|
||||||
@@ -225,4 +227,4 @@ func GetImpersonatedUserID(r *http.Request) string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
return impersonateID
|
return impersonateID
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -108,9 +108,6 @@ func NewRouter(cfg Config) http.Handler {
|
|||||||
// Admin Endpoints (protected by admin middleware in route handlers)
|
// Admin Endpoints (protected by admin middleware in route handlers)
|
||||||
mux.Handle("/admin", middleware.RequireAdmin(http.HandlerFunc(adminHandler.HandleAdminPage)))
|
mux.Handle("/admin", middleware.RequireAdmin(http.HandlerFunc(adminHandler.HandleAdminPage)))
|
||||||
mux.Handle("/admin/users", middleware.RequireAdmin(http.HandlerFunc(adminHandler.HandleAddUserForm)))
|
mux.Handle("/admin/users", middleware.RequireAdmin(http.HandlerFunc(adminHandler.HandleAddUserForm)))
|
||||||
mux.HandleFunc("/admin/users/delete", func(w http.ResponseWriter, r *http.Request) {
|
|
||||||
middleware.RequireAdmin(http.HandlerFunc(adminHandler.HandleDeleteUserRouter)).ServeHTTP(w, r)
|
|
||||||
})
|
|
||||||
mux.Handle("/admin/users/", middleware.RequireAdmin(http.HandlerFunc(adminHandler.HandleUserRouter)))
|
mux.Handle("/admin/users/", middleware.RequireAdmin(http.HandlerFunc(adminHandler.HandleUserRouter)))
|
||||||
|
|
||||||
// Wrap mux with global CSRF origin verification and auth checking,
|
// Wrap mux with global CSRF origin verification and auth checking,
|
||||||
|
|||||||
Reference in New Issue
Block a user