From 4734210ff92c267367923e3596aba346bf93d6ae Mon Sep 17 00:00:00 2001
From: Ben Woodward <ben@bdw.to>
Date: Tue, 8 Aug 2023 17:41:07 -0700
Subject: [PATCH] fix(admin): validate request param (#9)

Ensure we have an ID before attempting to delete
---
 handler.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/handler.go b/handler.go
index 9a79280..d3cc61f 100644
--- a/handler.go
+++ b/handler.go
@@ -99,15 +99,17 @@ func adminDeleteHandler(cfg Config, db relayer.Storage) func(http.ResponseWriter
 
 		var (
 			id = r.URL.Query().Get("id")
-			pk = r.URL.Query().Get("pubkey")
 		)
 
 		filter := nostr.Filter{}
 		if id != "" {
 			filter.IDs = []string{id}
 		}
-		if pk != "" {
-			filter.Authors = []string{pk}
+
+		if len(filter.IDs) == 0 {
+			w.WriteHeader(http.StatusBadRequest)
+			w.Write([]byte("must provide id param"))
+			return
 		}
 
 		ctx := context.Background()