watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-18 03:25:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

API security updates.

Browse source
This commit is contained in:
Mike Cao 2020-09-11 13:49:43 -07:00
parent 01432266ef
commit 8e3286179a
7 changed files with 115 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

35
pages/api/website/[id]/pageviews.js
View file

@ -1,24 +1,31 @@
import moment from 'moment-timezone';
import { getPageviews } from 'lib/queries';
import { ok, badRequest } from 'lib/response';
import { ok, badRequest, methodNotAllowed } from 'lib/response';
import { useAuth } from 'lib/middleware';
const unitTypes = ['month', 'hour', 'day'];
export default async (req, res) => {
const { id, start_at, end_at, unit, tz } = req.query;
await useAuth(req, res);
if (!moment.tz.zone(tz) || !unitTypes.includes(unit)) {
return badRequest(res);
if (req.method === 'GET') {
const { id, start_at, end_at, unit, tz } = req.query;
if (!moment.tz.zone(tz) || !unitTypes.includes(unit)) {
return badRequest(res);
}
const websiteId = +id;
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
const [pageviews, uniques] = await Promise.all([
getPageviews(websiteId, startDate, endDate, tz, unit, '*'),
getPageviews(websiteId, startDate, endDate, tz, unit, 'distinct session_id'),
]);
return ok(res, { pageviews, uniques });
}
const websiteId = +id;
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
const [pageviews, uniques] = await Promise.all([
getPageviews(websiteId, startDate, endDate, tz, unit, '*'),
getPageviews(websiteId, startDate, endDate, tz, unit, 'distinct session_id'),
]);
return ok(res, { pageviews, uniques });
return methodNotAllowed(res);
};