Fixed change password issue. API refactoring. Closes #1592.

pages/api/websites/[id]/index.js

@@ -2,19 +2,20 @@ import { allowQuery } from 'lib/auth';
 import { useAuth, useCors } from 'lib/middleware';
 import { getRandomChars, methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
 import { deleteWebsite, getAccount, getWebsite, updateWebsite } from 'queries';
+import { TYPE_WEBSITE } from 'lib/constants';
 
 export default async (req, res) => {
   await useCors(req, res);
   await useAuth(req, res);
 
-  const { id: websiteId } = req.query;
+  const { id: websiteUuid } = req.query;
 
-  if (!(await allowQuery(req))) {
+  if (!(await allowQuery(req, TYPE_WEBSITE))) {
     return unauthorized(res);
   }
 
   if (req.method === 'GET') {
-    const website = await getWebsite({ websiteUuid: websiteId });
+    const website = await getWebsite({ websiteUuid });
 
     return ok(res, website);
   }
@@ -32,7 +33,7 @@ export default async (req, res) => {
       }
     }
 
-    const website = await getWebsite({ websiteUuid: websiteId });
+    const website = await getWebsite({ websiteUuid });
 
     const newShareId = enableShareUrl ? website.shareId || getRandomChars(8) : null;
 
@@ -44,7 +45,7 @@ export default async (req, res) => {
           shareId: shareId ? shareId : newShareId,
           userId: account ? account.id : +owner || undefined,
         },
-        { websiteUuid: websiteId },
+        { websiteUuid },
       );
     } catch (e) {
       if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
@@ -56,11 +57,11 @@ export default async (req, res) => {
   }
 
   if (req.method === 'DELETE') {
-    if (!(await allowQuery(req, true))) {
+    if (!(await allowQuery(req, TYPE_WEBSITE))) {
       return unauthorized(res);
     }
 
-    await deleteWebsite(websiteId);
+    await deleteWebsite(websiteUuid);
 
     return ok(res);
   }