From 3e78826658c7d2a4e9b3c1d73e63dacc1d39c361 Mon Sep 17 00:00:00 2001
From: Factiven <dabinaya.fathan@gmail.com>
Date: Sat, 12 Aug 2023 22:54:26 +0700
Subject: Update v3.9.3 - Merged Beta to Main (#51)

* commit

* update db

* Update v3.9.1-beta-v3.1

* Update v3.9.1

* Fix watched progress not showing

* Secure headers

* Fix recently watched image

* Update v3.9.2

> Added custom lists for AniList
> Fixed episode listMode progress

* Update db route

* Fixed AniList

* Fix next button on dub anime

> video is playing sub anime instead dub

* small adjusment for premid

* fix eslint

* small updates

> added ability to remove episode from recently watched

* Update v3.9.3
---
 pages/api/user/profile.js | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'pages/api/user/profile.js')

diff --git a/pages/api/user/profile.js b/pages/api/user/profile.js
index dd22bd8..e20aaca 100644
--- a/pages/api/user/profile.js
+++ b/pages/api/user/profile.js
@@ -43,13 +43,21 @@ export default async function handler(req, res) {
         }
         case "DELETE": {
           const { name } = req.body;
-          const user = await deleteUser(name);
-          if (!user) {
-            return res.status(404).json({ message: "User not found" });
+          // return res.status(200).json({ name });
+          if (session.user.name !== name) {
+            return res.status(401).json({ message: "Unauthorized" });
           } else {
-            return res.status(200).json(user);
+            const user = await deleteUser(name);
+            if (!user) {
+              return res.status(404).json({ message: "User not found" });
+            } else {
+              return res.status(200).json(user);
+            }
           }
         }
+        default: {
+          return res.status(405).json({ message: "Method not allowed" });
+        }
       }
     } catch (error) {
       console.log(error);
-- 
cgit v1.2.3