diff --git a/client/api/api.ts b/client/api/api.ts index ca2cf91..e0cf821 100644 --- a/client/api/api.ts +++ b/client/api/api.ts @@ -53,6 +53,7 @@ function getStats(period: string): Promise { } function search(q: string): Promise { + q = encodeURIComponent(q) return fetch(`/apis/web/v1/search?q=${q}`).then(r => r.json() as Promise) } @@ -131,8 +132,12 @@ function deleteApiKey(id: number): Promise { }) } function updateApiKeyLabel(id: number, label: string): Promise { - return fetch(`/apis/web/v1/user/apikeys?id=${id}&label=${label}`, { - method: "PATCH" + const form = new URLSearchParams + form.append('id', String(id)) + form.append('label', label) + return fetch(`/apis/web/v1/user/apikeys`, { + method: "PATCH", + body: form, }) } @@ -154,18 +159,30 @@ function getAliases(type: string, id: number): Promise { return fetch(`/apis/web/v1/aliases?${type}_id=${id}`).then(r => r.json() as Promise) } function createAlias(type: string, id: number, alias: string): Promise { - return fetch(`/apis/web/v1/aliases?${type}_id=${id}&alias=${alias}`, { - method: 'POST' + const form = new URLSearchParams + form.append(`${type}_id`, String(id)) + form.append('alias', alias) + return fetch(`/apis/web/v1/aliases`, { + method: 'POST', + body: form, }) } function deleteAlias(type: string, id: number, alias: string): Promise { - return fetch(`/apis/web/v1/aliases?${type}_id=${id}&alias=${alias}`, { - method: "DELETE" + const form = new URLSearchParams + form.append(`${type}_id`, String(id)) + form.append('alias', alias) + return fetch(`/apis/web/v1/aliases/delete`, { + method: "POST", + body: form, }) } function setPrimaryAlias(type: string, id: number, alias: string): Promise { - return fetch(`/apis/web/v1/aliases/primary?${type}_id=${id}&alias=${alias}`, { - method: "POST" + const form = new URLSearchParams + form.append(`${type}_id`, String(id)) + form.append('alias', alias) + return fetch(`/apis/web/v1/aliases/primary`, { + method: "POST", + body: form, }) } function getAlbum(id: number): Promise { diff --git a/engine/handlers/alias.go b/engine/handlers/alias.go index 79a7598..ef5ca02 100644 --- a/engine/handlers/alias.go +++ b/engine/handlers/alias.go @@ -88,11 +88,18 @@ func DeleteAliasHandler(store db.DB) http.HandlerFunc { l.Debug().Msg("DeleteAliasHandler: Got request") + err := r.ParseForm() + if err != nil { + l.Debug().Msg("DeleteAliasHandler: Failed to parse form") + utils.WriteError(w, "form is invalid", http.StatusBadRequest) + return + } + // Parse query parameters - artistIDStr := r.URL.Query().Get("artist_id") - albumIDStr := r.URL.Query().Get("album_id") - trackIDStr := r.URL.Query().Get("track_id") - alias := r.URL.Query().Get("alias") + artistIDStr := r.FormValue("artist_id") + albumIDStr := r.FormValue("album_id") + trackIDStr := r.FormValue("track_id") + alias := r.FormValue("alias") if alias == "" || (artistIDStr == "" && albumIDStr == "" && trackIDStr == "") { l.Debug().Msg("DeleteAliasHandler: Request is missing required parameters") @@ -105,7 +112,6 @@ func DeleteAliasHandler(store db.DB) http.HandlerFunc { return } - var err error if artistIDStr != "" { var artistID int artistID, err = strconv.Atoi(artistIDStr) @@ -176,9 +182,9 @@ func CreateAliasHandler(store db.DB) http.HandlerFunc { return } - artistIDStr := r.URL.Query().Get("artist_id") - albumIDStr := r.URL.Query().Get("album_id") - trackIDStr := r.URL.Query().Get("track_id") + artistIDStr := r.FormValue("artist_id") + albumIDStr := r.FormValue("album_id") + trackIDStr := r.FormValue("track_id") if artistIDStr == "" && albumIDStr == "" && trackIDStr == "" { l.Debug().Msg("CreateAliasHandler: Missing ID parameter") @@ -245,11 +251,20 @@ func SetPrimaryAliasHandler(store db.DB) http.HandlerFunc { l.Debug().Msg("SetPrimaryAliasHandler: Got request") + err := r.ParseForm() + if err != nil { + l.Debug().Msg("SetPrimaryAliasHandler: Failed to parse form") + utils.WriteError(w, "form is invalid", http.StatusBadRequest) + return + } + // Parse query parameters - artistIDStr := r.URL.Query().Get("artist_id") - albumIDStr := r.URL.Query().Get("album_id") - trackIDStr := r.URL.Query().Get("track_id") - alias := r.URL.Query().Get("alias") + artistIDStr := r.FormValue("artist_id") + albumIDStr := r.FormValue("album_id") + trackIDStr := r.FormValue("track_id") + alias := r.FormValue("alias") + + l.Debug().Msgf("Alias: %s", alias) if alias == "" { l.Debug().Msg("SetPrimaryAliasHandler: Missing alias parameter") @@ -268,7 +283,6 @@ func SetPrimaryAliasHandler(store db.DB) http.HandlerFunc { } var id int - var err error if artistIDStr != "" { id, err = strconv.Atoi(artistIDStr) if err != nil { diff --git a/engine/handlers/apikeys.go b/engine/handlers/apikeys.go index 40aa589..590a771 100644 --- a/engine/handlers/apikeys.go +++ b/engine/handlers/apikeys.go @@ -139,7 +139,14 @@ func UpdateApiKeyLabelHandler(store db.DB) http.HandlerFunc { return } - idStr := r.URL.Query().Get("id") + err := r.ParseForm() + if err != nil { + l.Debug().Msg("UpdateApiKeyLabelHandler: Failed to parse form") + utils.WriteError(w, "form is invalid", http.StatusBadRequest) + return + } + + idStr := r.FormValue("id") if idStr == "" { l.Debug().Msg("UpdateApiKeyLabelHandler: Missing id parameter") utils.WriteError(w, "id is required", http.StatusBadRequest) diff --git a/engine/routes.go b/engine/routes.go index 424daf3..91d0c62 100644 --- a/engine/routes.go +++ b/engine/routes.go @@ -81,7 +81,7 @@ func bindRoutes( r.Delete("/track", handlers.DeleteTrackHandler(db)) r.Delete("/listen", handlers.DeleteListenHandler(db)) r.Post("/aliases", handlers.CreateAliasHandler(db)) - r.Delete("/aliases", handlers.DeleteAliasHandler(db)) + r.Post("/aliases/delete", handlers.DeleteAliasHandler(db)) r.Post("/aliases/primary", handlers.SetPrimaryAliasHandler(db)) r.Get("/user/apikeys", handlers.GetApiKeysHandler(db)) r.Post("/user/apikeys", handlers.GenerateApiKeyHandler(db))