app.delete('/reviews/:id', function(req, res) {
var session = req.session;
if(session) {
var uid = session.passport.user;
Review.removeReview(uid, req.params.id)
.then(function(status) {
if(status) {
res.send(status);
}
});
}
});
app.delete('/books/:id/reviews/:uid', function(request, response) {
checkSecure(request);
// Validate the token again
if (request.query.access_token !== undefined) {
var token = request.query.access_token;
var book_id = request.params.id;
// Let's do the posting
database.removeReview(token, book_id, function(result) {
if (result.success) {
delete result.success;
response.json(result);
} else {
softError(result.status, result.message, response);
}
});
} else {
// Invalid access token
functions.sendError('NOTKN', 'No access token specified');
}
});