From 3a617b7bfaa45667618d4f83ac305dc410b55b16 Mon Sep 17 00:00:00 2001
From: Brian Cao <brianbcao@gmail.com>
Date: Mon, 31 Oct 2022 18:50:05 -0700
Subject: [PATCH] fix account delete bug

---
 pages/api/accounts/[id]/index.js | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/pages/api/accounts/[id]/index.js b/pages/api/accounts/[id]/index.js
index ae5fc434..c5f16d4e 100644
--- a/pages/api/accounts/[id]/index.js
+++ b/pages/api/accounts/[id]/index.js
@@ -43,7 +43,7 @@ export default async (req, res) => {
       const accountByUsername = await getAccount({ username });
 
       if (accountByUsername) {
-        return badRequest(res, 'Account already exists');
+        return badRequest(res, 'Account already exists.');
       }
     }
 
@@ -53,11 +53,15 @@ export default async (req, res) => {
   }
 
   if (req.method === 'DELETE') {
+    if (id === userId) {
+      return badRequest(res, 'You cannot delete your own account.');
+    }
+
     if (!isAdmin) {
       return unauthorized(res);
     }
 
-    await deleteAccount(userId);
+    await deleteAccount(+id);
 
     return ok(res);
   }