Add ID to URL in recipe updates

This makes the update URL more consistent with the other ones. A check
ensures consistency of the URL and JSON ID values.

3 files changed, 7 insertions, 2 deletions

diff --git a/controller/recipe.go b/controller/recipe.go
index 259e3bc..e58092a 100644
--- a/controller/recipe.go
+++ b/controller/recipe.go
@@ -24,6 +24,11 @@ func RecipeUpdate(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if recipe.Id != mux.Vars(r)[`id`] {
+		http.Error(w, "IDs in URL and JSON do not match", http.StatusBadRequest)
+		return
+	}
+
 	err = recipe.Update()
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
diff --git a/main.go b/main.go
index ec061c2..1660088 100644
--- a/main.go
+++ b/main.go
@@ -48,7 +48,7 @@ func startServer(addr string) *http.Server {
 	r.HandleFunc("/recipes", view.RecipesRead).Methods(`GET`)
 
 	r.HandleFunc("/recipe/{id:[0-9]+}", view.RecipeRead).Methods(`GET`)
-	r.HandleFunc("/recipe", controller.RecipeUpdate).Methods(`POST`)
+	r.HandleFunc("/recipe/{id:[0-9]+}", controller.RecipeUpdate).Methods(`POST`)
 	r.HandleFunc("/recipe/{id:[0-9]+}", controller.RecipeDelete).Methods(`DELETE`)
 
 	r.HandleFunc("/favicon.ico", view.FaviconRead).Methods(`GET`)
diff --git a/view/html/recipe-edit.html b/view/html/recipe-edit.html
index 2513be8..d7d9b45 100644
--- a/view/html/recipe-edit.html
+++ b/view/html/recipe-edit.html
@@ -10,7 +10,7 @@
 	</header>
 	<body>
 		<main>
-			<form action="/recipe?method=update">
+			<form action="/recipe/{{.Id}}">
 				<input type="hidden" name="id" value="{{.Id}}">
 
 				<p>