move to the proper HTTP methods

2025-06-01 08:34:17 -04:00 · 2025-06-01 08:34:17 -04:00 · 13159e5d78
commit 13159e5d78
parent dc904dd0ff
4 changed files with 20 additions and 16 deletions
--- a/README.md
+++ b/README.md
@ -46,11 +46,12 @@ docker compose up --build
 Returns stored timezone and username for the given user ID.
-### `GET /set?timezone=<iana_timezone>`
+### `POST /set`
 Stores timezone for the authenticated user. Requires Discord OAuth session.  
 Body: `application/x-www-form-urlencoded` with `timezone=<iana_timezone>`
-### `GET /delete`
+### `DELETE /delete`
 Deletes the authenticated user's timezone entry. Requires Discord OAuth session.
@ -69,7 +70,3 @@ Starts OAuth2 authentication flow.
 ### `GET /auth/discord/callback`
 Handles OAuth2 redirect and sets a session cookie.
 ## License
 [BSD-3-Clause](LICENSE)
--- a/public/js/index.js
+++ b/public/js/index.js
@ -52,7 +52,11 @@ async function fetchUserInfo() {
 		deleteBtn.addEventListener("click", async () => {
 			try {
-				const res = await fetch("/delete", { credentials: "include" });
+				const res = await fetch("/delete", {
 					method: "DELETE",
 					credentials: "include"
 				});
 				if (!res.ok) throw new Error();
 				ts.clear();
@ -74,8 +78,11 @@ setBtn.addEventListener("click", async () => {
 	if (!timezone) return;
 	try {
-		const res = await fetch(`/set?timezone=${encodeURIComponent(timezone)}`, {
+		const res = await fetch("/set", {
 			method: "POST",
 			credentials: "include",
 			headers: { "Content-Type": "application/x-www-form-urlencoded" },
 			body: `timezone=${encodeURIComponent(timezone)}`
 		});
 		if (!res.ok) throw new Error();
 		statusMsg.textContent = "Timezone updated!";
--- a/src/routes/mod.rs
+++ b/src/routes/mod.rs
@ -2,13 +2,13 @@ use crate::db::AppState;
 use axum::{
    http::{HeaderValue, StatusCode},
    response::{Html, Response},
-    routing::{get, options},
+    routing::{delete, get, options, post},
    Router,
 };
 use std::fs;
 use tower_http::services::ServeDir;
-pub mod auth;
+mod auth;
 mod timezone;
 async fn preflight_handler() -> Response {
@ -18,7 +18,7 @@ async fn preflight_handler() -> Response {
    headers.insert("access-control-allow-origin", HeaderValue::from_static("*"));
    headers.insert(
        "access-control-allow-methods",
-        HeaderValue::from_static("GET, POST, OPTIONS"),
+        HeaderValue::from_static("GET, POST, DELETE, OPTIONS"),
    );
    headers.insert(
        "access-control-allow-headers",
@ -46,9 +46,9 @@ pub fn all() -> Router<AppState> {
    Router::new()
        .route("/", get(index_page))
        .route("/get", get(timezone::get_timezone))
-        .route("/set", get(timezone::set_timezone))
+        .route("/set", post(timezone::set_timezone))
        .route("/set", options(preflight_handler))
-        .route("/delete", get(timezone::delete_timezone))
+        .route("/delete", delete(timezone::delete_timezone))
        .route("/list", get(timezone::list_timezones))
        .route("/auth/discord", get(auth::start_oauth))
        .route("/auth/discord/callback", get(auth::handle_callback))
--- a/src/routes/timezone.rs
+++ b/src/routes/timezone.rs
@ -5,7 +5,7 @@ use axum::{
    extract::{Query, State},
    http::{HeaderMap, StatusCode},
    response::IntoResponse,
-    Json,
+    Form, Json,
 };
 use chrono_tz::Tz;
 use headers::{Cookie, HeaderMapExt};
@ -182,7 +182,7 @@ pub async fn delete_timezone(
 pub async fn set_timezone(
    State(state): State<AppState>,
    headers: HeaderMap,
-    Query(query): Query<SetQuery>,
+    Form(query): Form<SetQuery>,
 ) -> impl IntoResponse {
    let Some(cookie_header) = headers.typed_get::<Cookie>() else {
        return (