X-Git-Url: https://git.xangelo.ca/?p=rss-reader.git;a=blobdiff_plain;f=src%2Fserver.ts;h=e9915d3947216e6188c5ba58ff4c6c84a85c919b;hp=3b76b918032992c0e2c2e2914ab99cc04ebd49fd;hb=HEAD;hpb=dbeade58f6997ce9de78a3aad26587d57ed30682

diff --git a/src/server.ts b/src/server.ts
index 3b76b91..e9915d3 100644
--- a/src/server.ts
+++ b/src/server.ts
@@ -307,10 +307,14 @@ apiGet('/accounts/:account_id/feeds/:feed_id/items/:item_id',{auth: true},  asyn
   `;
 });
 
-apiDelete('/feeds/:feed_id',{auth: true},  async (req, res) => {
-  const id = req.params.feed_id;
+apiDelete('/accounts/:account_id/feeds/:feed_id',{auth: true},  async (req, res) => {
+  const { feed_id, account_id } = req.params;
+  if(!query.isFeedOwnedBy(account_id, feed_id)) {
+    throw new Error('Invalid feed');
+  }
 
-  query.deleteFeed.run(id);
+  query.deleteFeed.run(feed_id);
+  console.log(`Deleting feed ${feed_id}`);
   res.setHeader('HX-Trigger', 'newFeed');
   return;
 });