Stop using form elements for API

Just send the JSON as the request body
2025-10-31 09:53:27 -04:00 · 2017-11-13 20:48:19 -05:00
parent 9624f0c5bc
commit 5a6be5a07b
23 changed files with 87 additions and 159 deletions
--- a/internal/handlers/accounts.go
+++ b/internal/handlers/accounts.go
@@ -383,14 +383,8 @@ func AccountHandler(r *http.Request, context *Context) ResponseWriterWriter {
 			return AccountImportHandler(context, r, user, accountid)
 		}
 		account_json := r.PostFormValue("account")
 		if account_json == "" {
 			return NewError(3 /*Invalid Request*/)
 		}
 		var account Account
-		err := account.Read(account_json)
+		if err := ReadJSON(r, &account); err != nil {
 		if err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
 		account.AccountId = -1
@@ -452,14 +446,8 @@ func AccountHandler(r *http.Request, context *Context) ResponseWriterWriter {
 			return NewError(3 /*Invalid Request*/)
 		}
 		if r.Method == "PUT" {
 			account_json := r.PostFormValue("account")
 			if account_json == "" {
 				return NewError(3 /*Invalid Request*/)
 			}
 			var account Account
-			err := account.Read(account_json)
+			if err := ReadJSON(r, &account); err != nil || account.AccountId != accountid {
 			if err != nil || account.AccountId != accountid {
 				return NewError(3 /*Invalid Request*/)
 			}
 			account.UserId = user.UserId
--- a/internal/handlers/accounts_test.go
+++ b/internal/handlers/accounts_test.go
@@ -9,13 +9,13 @@ import (
 func createAccount(client *http.Client, account *handlers.Account) (*handlers.Account, error) {
 	var a handlers.Account
-	err := create(client, account, &a, "/v1/accounts/", "account")
+	err := create(client, account, &a, "/v1/accounts/")
 	return &a, err
 }
 func getAccount(client *http.Client, accountid int64) (*handlers.Account, error) {
 	var a handlers.Account
-	err := read(client, &a, "/v1/accounts/"+strconv.FormatInt(accountid, 10), "account")
+	err := read(client, &a, "/v1/accounts/"+strconv.FormatInt(accountid, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -24,7 +24,7 @@ func getAccount(client *http.Client, accountid int64) (*handlers.Account, error)
 func getAccounts(client *http.Client) (*handlers.AccountList, error) {
 	var al handlers.AccountList
-	err := read(client, &al, "/v1/accounts/", "accounts")
+	err := read(client, &al, "/v1/accounts/")
 	if err != nil {
 		return nil, err
 	}
@@ -33,7 +33,7 @@ func getAccounts(client *http.Client) (*handlers.AccountList, error) {
 func updateAccount(client *http.Client, account *handlers.Account) (*handlers.Account, error) {
 	var a handlers.Account
-	err := update(client, account, &a, "/v1/accounts/"+strconv.FormatInt(account.AccountId, 10), "account")
+	err := update(client, account, &a, "/v1/accounts/"+strconv.FormatInt(account.AccountId, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -41,7 +41,7 @@ func updateAccount(client *http.Client, account *handlers.Account) (*handlers.Ac
 }
 func deleteAccount(client *http.Client, a *handlers.Account) error {
-	err := remove(client, "/v1/accounts/"+strconv.FormatInt(a.AccountId, 10), "account")
+	err := remove(client, "/v1/accounts/"+strconv.FormatInt(a.AccountId, 10))
 	if err != nil {
 		return err
 	}
--- a/internal/handlers/common_test.go
+++ b/internal/handlers/common_test.go
@@ -1,18 +1,18 @@
 package handlers_test
 import (
 	"bytes"
 	"database/sql"
 	"encoding/json"
 	"github.com/aclindsa/moneygo/internal/config"
 	"github.com/aclindsa/moneygo/internal/db"
 	"github.com/aclindsa/moneygo/internal/handlers"
 	"io"
 	"io/ioutil"
 	"log"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"os"
 	"strings"
 	"testing"
 )
@@ -26,12 +26,12 @@ func Delete(client *http.Client, url string) (*http.Response, error) {
 	return client.Do(request)
 }
-func PutForm(client *http.Client, url string, data url.Values) (*http.Response, error) {
+func Put(client *http.Client, url string, contentType string, body io.Reader) (*http.Response, error) {
-	request, err := http.NewRequest(http.MethodPut, url, strings.NewReader(data.Encode()))
+	request, err := http.NewRequest(http.MethodPut, url, body)
 	if err != nil {
 		return nil, err
 	}
-	request.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	request.Header.Set("Content-Type", contentType)
 	return client.Do(request)
 }
@@ -39,12 +39,12 @@ type TransactType interface {
 	Read(string) error
 }
-func create(client *http.Client, input, output TransactType, urlsuffix, key string) error {
+func create(client *http.Client, input, output TransactType, urlsuffix string) error {
-	bytes, err := json.Marshal(input)
+	obj, err := json.MarshalIndent(input, "", "  ")
 	if err != nil {
 		return err
 	}
-	response, err := client.PostForm(server.URL+urlsuffix, url.Values{key: {string(bytes)}})
+	response, err := client.Post(server.URL+urlsuffix, "application/json", bytes.NewReader(obj))
 	if err != nil {
 		return err
 	}
@@ -72,7 +72,7 @@ func create(client *http.Client, input, output TransactType, urlsuffix, key stri
 	return nil
 }
-func read(client *http.Client, output TransactType, urlsuffix, key string) error {
+func read(client *http.Client, output TransactType, urlsuffix string) error {
 	response, err := client.Get(server.URL + urlsuffix)
 	if err != nil {
 		return err
@@ -101,12 +101,12 @@ func read(client *http.Client, output TransactType, urlsuffix, key string) error
 	return nil
 }
-func update(client *http.Client, input, output TransactType, urlsuffix, key string) error {
+func update(client *http.Client, input, output TransactType, urlsuffix string) error {
-	bytes, err := json.Marshal(input)
+	obj, err := json.MarshalIndent(input, "", "  ")
 	if err != nil {
 		return err
 	}
-	response, err := PutForm(client, server.URL+urlsuffix, url.Values{key: {string(bytes)}})
+	response, err := Put(client, server.URL+urlsuffix, "application/json", bytes.NewReader(obj))
 	if err != nil {
 		return err
 	}
@@ -134,7 +134,7 @@ func update(client *http.Client, input, output TransactType, urlsuffix, key stri
 	return nil
 }
-func remove(client *http.Client, urlsuffix, key string) error {
+func remove(client *http.Client, urlsuffix string) error {
 	response, err := Delete(client, server.URL+urlsuffix)
 	if err != nil {
 		return err
--- a/internal/handlers/imports.go
+++ b/internal/handlers/imports.go
@@ -211,14 +211,8 @@ func ofxImportHelper(tx *Tx, r io.Reader, user *User, accountid int64) ResponseW
 }
 func OFXImportHandler(context *Context, r *http.Request, user *User, accountid int64) ResponseWriterWriter {
 	download_json := r.PostFormValue("ofxdownload")
 	if download_json == "" {
 		return NewError(3 /*Invalid Request*/)
 	}
 	var ofxdownload OFXDownload
-	err := ofxdownload.Read(download_json)
+	if err := ReadJSON(r, &ofxdownload); err != nil {
 	if err != nil {
 		return NewError(3 /*Invalid Request*/)
 	}
--- a/internal/handlers/prices.go
+++ b/internal/handlers/prices.go
@@ -136,14 +136,8 @@ func PriceHandler(r *http.Request, context *Context) ResponseWriterWriter {
 	}
 	if r.Method == "POST" {
 		price_json := r.PostFormValue("price")
 		if price_json == "" {
 			return NewError(3 /*Invalid Request*/)
 		}
 		var price Price
-		err := price.Read(price_json)
+		if err := ReadJSON(r, &price); err != nil {
 		if err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
 		price.PriceId = -1
@@ -196,14 +190,8 @@ func PriceHandler(r *http.Request, context *Context) ResponseWriterWriter {
 			return NewError(3 /*Invalid Request*/)
 		}
 		if r.Method == "PUT" {
 			price_json := r.PostFormValue("price")
 			if price_json == "" {
 				return NewError(3 /*Invalid Request*/)
 			}
 			var price Price
-			err := price.Read(price_json)
+			if err := ReadJSON(r, &price); err != nil || price.PriceId != priceid {
 			if err != nil || price.PriceId != priceid {
 				return NewError(3 /*Invalid Request*/)
 			}
--- a/internal/handlers/prices_test.go
+++ b/internal/handlers/prices_test.go
@@ -10,13 +10,13 @@ import (
 func createPrice(client *http.Client, price *handlers.Price) (*handlers.Price, error) {
 	var p handlers.Price
-	err := create(client, price, &p, "/v1/prices/", "price")
+	err := create(client, price, &p, "/v1/prices/")
 	return &p, err
 }
 func getPrice(client *http.Client, priceid int64) (*handlers.Price, error) {
 	var p handlers.Price
-	err := read(client, &p, "/v1/prices/"+strconv.FormatInt(priceid, 10), "price")
+	err := read(client, &p, "/v1/prices/"+strconv.FormatInt(priceid, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -25,7 +25,7 @@ func getPrice(client *http.Client, priceid int64) (*handlers.Price, error) {
 func getPrices(client *http.Client) (*handlers.PriceList, error) {
 	var pl handlers.PriceList
-	err := read(client, &pl, "/v1/prices/", "prices")
+	err := read(client, &pl, "/v1/prices/")
 	if err != nil {
 		return nil, err
 	}
@@ -34,7 +34,7 @@ func getPrices(client *http.Client) (*handlers.PriceList, error) {
 func updatePrice(client *http.Client, price *handlers.Price) (*handlers.Price, error) {
 	var p handlers.Price
-	err := update(client, price, &p, "/v1/prices/"+strconv.FormatInt(price.PriceId, 10), "price")
+	err := update(client, price, &p, "/v1/prices/"+strconv.FormatInt(price.PriceId, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -42,7 +42,7 @@ func updatePrice(client *http.Client, price *handlers.Price) (*handlers.Price, e
 }
 func deletePrice(client *http.Client, p *handlers.Price) error {
-	err := remove(client, "/v1/prices/"+strconv.FormatInt(p.PriceId, 10), "price")
+	err := remove(client, "/v1/prices/"+strconv.FormatInt(p.PriceId, 10))
 	if err != nil {
 		return err
 	}
--- a/internal/handlers/reports.go
+++ b/internal/handlers/reports.go
@@ -223,14 +223,8 @@ func ReportHandler(r *http.Request, context *Context) ResponseWriterWriter {
 	}
 	if r.Method == "POST" {
 		report_json := r.PostFormValue("report")
 		if report_json == "" {
 			return NewError(3 /*Invalid Request*/)
 		}
 		var report Report
-		err := report.Read(report_json)
+		if err := ReadJSON(r, &report); err != nil {
 		if err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
 		report.ReportId = -1
@@ -283,14 +277,8 @@ func ReportHandler(r *http.Request, context *Context) ResponseWriterWriter {
 		}
 		if r.Method == "PUT" {
 			report_json := r.PostFormValue("report")
 			if report_json == "" {
 				return NewError(3 /*Invalid Request*/)
 			}
 			var report Report
-			err := report.Read(report_json)
+			if err := ReadJSON(r, &report); err != nil || report.ReportId != reportid {
 			if err != nil || report.ReportId != reportid {
 				return NewError(3 /*Invalid Request*/)
 			}
 			report.UserId = user.UserId
--- a/internal/handlers/reports_test.go
+++ b/internal/handlers/reports_test.go
@@ -9,13 +9,13 @@ import (
 func createReport(client *http.Client, report *handlers.Report) (*handlers.Report, error) {
 	var r handlers.Report
-	err := create(client, report, &r, "/v1/reports/", "report")
+	err := create(client, report, &r, "/v1/reports/")
 	return &r, err
 }
 func getReport(client *http.Client, reportid int64) (*handlers.Report, error) {
 	var r handlers.Report
-	err := read(client, &r, "/v1/reports/"+strconv.FormatInt(reportid, 10), "report")
+	err := read(client, &r, "/v1/reports/"+strconv.FormatInt(reportid, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -24,7 +24,7 @@ func getReport(client *http.Client, reportid int64) (*handlers.Report, error) {
 func getReports(client *http.Client) (*handlers.ReportList, error) {
 	var rl handlers.ReportList
-	err := read(client, &rl, "/v1/reports/", "reports")
+	err := read(client, &rl, "/v1/reports/")
 	if err != nil {
 		return nil, err
 	}
@@ -33,7 +33,7 @@ func getReports(client *http.Client) (*handlers.ReportList, error) {
 func updateReport(client *http.Client, report *handlers.Report) (*handlers.Report, error) {
 	var r handlers.Report
-	err := update(client, report, &r, "/v1/reports/"+strconv.FormatInt(report.ReportId, 10), "report")
+	err := update(client, report, &r, "/v1/reports/"+strconv.FormatInt(report.ReportId, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -41,7 +41,7 @@ func updateReport(client *http.Client, report *handlers.Report) (*handlers.Repor
 }
 func deleteReport(client *http.Client, r *handlers.Report) error {
-	err := remove(client, "/v1/reports/"+strconv.FormatInt(r.ReportId, 10), "report")
+	err := remove(client, "/v1/reports/"+strconv.FormatInt(r.ReportId, 10))
 	if err != nil {
 		return err
 	}
@@ -50,7 +50,7 @@ func deleteReport(client *http.Client, r *handlers.Report) error {
 func tabulateReport(client *http.Client, reportid int64) (*handlers.Tabulation, error) {
 	var t handlers.Tabulation
-	err := read(client, &t, "/v1/reports/"+strconv.FormatInt(reportid, 10)+"/tabulations", "tabulation")
+	err := read(client, &t, "/v1/reports/"+strconv.FormatInt(reportid, 10)+"/tabulations")
 	if err != nil {
 		return nil, err
 	}
--- a/internal/handlers/securities.go
+++ b/internal/handlers/securities.go
@@ -253,14 +253,8 @@ func SecurityHandler(r *http.Request, context *Context) ResponseWriterWriter {
 	}
 	if r.Method == "POST" {
 		security_json := r.PostFormValue("security")
 		if security_json == "" {
 			return NewError(3 /*Invalid Request*/)
 		}
 		var security Security
-		err := security.Read(security_json)
+		if err := ReadJSON(r, &security); err != nil {
 		if err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
 		security.SecurityId = -1
@@ -304,14 +298,8 @@ func SecurityHandler(r *http.Request, context *Context) ResponseWriterWriter {
 			return NewError(3 /*Invalid Request*/)
 		}
 		if r.Method == "PUT" {
 			security_json := r.PostFormValue("security")
 			if security_json == "" {
 				return NewError(3 /*Invalid Request*/)
 			}
 			var security Security
-			err := security.Read(security_json)
+			if err := ReadJSON(r, &security); err != nil || security.SecurityId != securityid {
 			if err != nil || security.SecurityId != securityid {
 				return NewError(3 /*Invalid Request*/)
 			}
 			security.UserId = user.UserId
--- a/internal/handlers/securities_test.go
+++ b/internal/handlers/securities_test.go
@@ -9,13 +9,13 @@ import (
 func createSecurity(client *http.Client, security *handlers.Security) (*handlers.Security, error) {
 	var s handlers.Security
-	err := create(client, security, &s, "/v1/securities/", "security")
+	err := create(client, security, &s, "/v1/securities/")
 	return &s, err
 }
 func getSecurity(client *http.Client, securityid int64) (*handlers.Security, error) {
 	var s handlers.Security
-	err := read(client, &s, "/v1/securities/"+strconv.FormatInt(securityid, 10), "security")
+	err := read(client, &s, "/v1/securities/"+strconv.FormatInt(securityid, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -24,7 +24,7 @@ func getSecurity(client *http.Client, securityid int64) (*handlers.Security, err
 func getSecurities(client *http.Client) (*handlers.SecurityList, error) {
 	var sl handlers.SecurityList
-	err := read(client, &sl, "/v1/securities/", "securities")
+	err := read(client, &sl, "/v1/securities/")
 	if err != nil {
 		return nil, err
 	}
@@ -33,7 +33,7 @@ func getSecurities(client *http.Client) (*handlers.SecurityList, error) {
 func updateSecurity(client *http.Client, security *handlers.Security) (*handlers.Security, error) {
 	var s handlers.Security
-	err := update(client, security, &s, "/v1/securities/"+strconv.FormatInt(security.SecurityId, 10), "security")
+	err := update(client, security, &s, "/v1/securities/"+strconv.FormatInt(security.SecurityId, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -41,7 +41,7 @@ func updateSecurity(client *http.Client, security *handlers.Security) (*handlers
 }
 func deleteSecurity(client *http.Client, s *handlers.Security) error {
-	err := remove(client, "/v1/securities/"+strconv.FormatInt(s.SecurityId, 10), "security")
+	err := remove(client, "/v1/securities/"+strconv.FormatInt(s.SecurityId, 10))
 	if err != nil {
 		return err
 	}
--- a/internal/handlers/sessions.go
+++ b/internal/handlers/sessions.go
@@ -103,14 +103,8 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error
 func SessionHandler(r *http.Request, context *Context) ResponseWriterWriter {
 	if r.Method == "POST" || r.Method == "PUT" {
-		user_json := r.PostFormValue("user")
+		var user User
-		if user_json == "" {
+		if err := ReadJSON(r, &user); err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
 		user := User{}
 		err := user.Read(user_json)
 		if err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
--- a/internal/handlers/sessions_test.go
+++ b/internal/handlers/sessions_test.go
@@ -21,19 +21,19 @@ func newSession(user *User) (*http.Client, error) {
 	client = *server.Client()
 	client.Jar = jar
-	create(&client, user, &u, "/v1/sessions/", "user")
+	create(&client, user, &u, "/v1/sessions/")
 	return &client, nil
 }
 func getSession(client *http.Client) (*handlers.Session, error) {
 	var s handlers.Session
-	err := read(client, &s, "/v1/sessions/", "session")
+	err := read(client, &s, "/v1/sessions/")
 	return &s, err
 }
 func deleteSession(client *http.Client) error {
-	return remove(client, "/v1/sessions/", "session")
+	return remove(client, "/v1/sessions/")
 }
 func sessionExistsOrError(c *http.Client) error {
--- a/internal/handlers/transactions.go
+++ b/internal/handlers/transactions.go
@@ -407,14 +407,8 @@ func TransactionHandler(r *http.Request, context *Context) ResponseWriterWriter
 	}
 	if r.Method == "POST" {
 		transaction_json := r.PostFormValue("transaction")
 		if transaction_json == "" {
 			return NewError(3 /*Invalid Request*/)
 		}
 		var transaction Transaction
-		err := transaction.Read(transaction_json)
+		if err := ReadJSON(r, &transaction); err != nil {
 		if err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
 		transaction.TransactionId = -1
@@ -480,14 +474,8 @@ func TransactionHandler(r *http.Request, context *Context) ResponseWriterWriter
 			return NewError(3 /*Invalid Request*/)
 		}
 		if r.Method == "PUT" {
 			transaction_json := r.PostFormValue("transaction")
 			if transaction_json == "" {
 				return NewError(3 /*Invalid Request*/)
 			}
 			var transaction Transaction
-			err := transaction.Read(transaction_json)
+			if err := ReadJSON(r, &transaction); err != nil || transaction.TransactionId != transactionid {
 			if err != nil || transaction.TransactionId != transactionid {
 				return NewError(3 /*Invalid Request*/)
 			}
 			transaction.UserId = user.UserId
--- a/internal/handlers/transactions_test.go
+++ b/internal/handlers/transactions_test.go
@@ -12,13 +12,13 @@ import (
 func createTransaction(client *http.Client, transaction *handlers.Transaction) (*handlers.Transaction, error) {
 	var s handlers.Transaction
-	err := create(client, transaction, &s, "/v1/transactions/", "transaction")
+	err := create(client, transaction, &s, "/v1/transactions/")
 	return &s, err
 }
 func getTransaction(client *http.Client, transactionid int64) (*handlers.Transaction, error) {
 	var s handlers.Transaction
-	err := read(client, &s, "/v1/transactions/"+strconv.FormatInt(transactionid, 10), "transaction")
+	err := read(client, &s, "/v1/transactions/"+strconv.FormatInt(transactionid, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -27,7 +27,7 @@ func getTransaction(client *http.Client, transactionid int64) (*handlers.Transac
 func getTransactions(client *http.Client) (*handlers.TransactionList, error) {
 	var tl handlers.TransactionList
-	err := read(client, &tl, "/v1/transactions/", "transactions")
+	err := read(client, &tl, "/v1/transactions/")
 	if err != nil {
 		return nil, err
 	}
@@ -50,7 +50,7 @@ func getAccountTransactions(client *http.Client, accountid, page, limit int64, s
 		query += "?" + params.Encode()
 	}
-	err := read(client, &atl, query, "accounttransactions")
+	err := read(client, &atl, query)
 	if err != nil {
 		return nil, err
 	}
@@ -59,7 +59,7 @@ func getAccountTransactions(client *http.Client, accountid, page, limit int64, s
 func updateTransaction(client *http.Client, transaction *handlers.Transaction) (*handlers.Transaction, error) {
 	var s handlers.Transaction
-	err := update(client, transaction, &s, "/v1/transactions/"+strconv.FormatInt(transaction.TransactionId, 10), "transaction")
+	err := update(client, transaction, &s, "/v1/transactions/"+strconv.FormatInt(transaction.TransactionId, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -67,7 +67,7 @@ func updateTransaction(client *http.Client, transaction *handlers.Transaction) (
 }
 func deleteTransaction(client *http.Client, s *handlers.Transaction) error {
-	err := remove(client, "/v1/transactions/"+strconv.FormatInt(s.TransactionId, 10), "transaction")
+	err := remove(client, "/v1/transactions/"+strconv.FormatInt(s.TransactionId, 10))
 	if err != nil {
 		return err
 	}
--- a/internal/handlers/users.go
+++ b/internal/handlers/users.go
@@ -177,20 +177,14 @@ func DeleteUser(tx *Tx, u *User) error {
 func UserHandler(r *http.Request, context *Context) ResponseWriterWriter {
 	if r.Method == "POST" {
 		user_json := r.PostFormValue("user")
 		if user_json == "" {
 			return NewError(3 /*Invalid Request*/)
 		}
 		var user User
-		err := user.Read(user_json)
+		if err := ReadJSON(r, &user); err != nil {
 		if err != nil {
 			return NewError(3 /*Invalid Request*/)
 		}
 		user.UserId = -1
 		user.HashPassword()
-		err = InsertUser(context.Tx, &user)
+		err := InsertUser(context.Tx, &user)
 		if err != nil {
 			if _, ok := err.(UserExistsError); ok {
 				return NewError(4 /*User Exists*/)
@@ -219,16 +213,10 @@ func UserHandler(r *http.Request, context *Context) ResponseWriterWriter {
 		if r.Method == "GET" {
 			return user
 		} else if r.Method == "PUT" {
 			user_json := r.PostFormValue("user")
 			if user_json == "" {
 				return NewError(3 /*Invalid Request*/)
 			}
 			// Save old PWHash in case the new password is bogus
 			old_pwhash := user.PasswordHash
-			err = user.Read(user_json)
+			if err := ReadJSON(r, &user); err != nil || user.UserId != userid {
 			if err != nil || user.UserId != userid {
 				return NewError(3 /*Invalid Request*/)
 			}
--- a/internal/handlers/users_test.go
+++ b/internal/handlers/users_test.go
@@ -9,13 +9,13 @@ import (
 func createUser(user *User) (*User, error) {
 	var u User
-	err := create(server.Client(), user, &u, "/v1/users/", "user")
+	err := create(server.Client(), user, &u, "/v1/users/")
 	return &u, err
 }
 func getUser(client *http.Client, userid int64) (*User, error) {
 	var u User
-	err := read(client, &u, "/v1/users/"+strconv.FormatInt(userid, 10), "user")
+	err := read(client, &u, "/v1/users/"+strconv.FormatInt(userid, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -24,7 +24,7 @@ func getUser(client *http.Client, userid int64) (*User, error) {
 func updateUser(client *http.Client, user *User) (*User, error) {
 	var u User
-	err := update(client, user, &u, "/v1/users/"+strconv.FormatInt(user.UserId, 10), "user")
+	err := update(client, user, &u, "/v1/users/"+strconv.FormatInt(user.UserId, 10))
 	if err != nil {
 		return nil, err
 	}
@@ -32,7 +32,7 @@ func updateUser(client *http.Client, user *User) (*User, error) {
 }
 func deleteUser(client *http.Client, u *User) error {
-	err := remove(client, "/v1/users/"+strconv.FormatInt(u.UserId, 10), "user")
+	err := remove(client, "/v1/users/"+strconv.FormatInt(u.UserId, 10))
 	if err != nil {
 		return err
 	}
--- a/internal/handlers/util.go
+++ b/internal/handlers/util.go
@@ -1,10 +1,22 @@
 package handlers
 import (
 	"encoding/json"
 	"fmt"
 	"io"
 	"io/ioutil"
 	"net/http"
 )
 func ReadJSON(r *http.Request, v interface{}) error {
 	jsonstring, err := ioutil.ReadAll(io.LimitReader(r.Body, 10*1024*1024 /*10Mb*/))
 	if err != nil {
 		return err
 	}
 	return json.Unmarshal(jsonstring, v)
 }
 type ResponseWrapper struct {
 	Code   int
 	Writer ResponseWriterWriter
--- a/js/actions/AccountActions.js
+++ b/js/actions/AccountActions.js
@@ -101,7 +101,7 @@ function create(account) {
 			type: "POST",
 			dataType: "json",
 			url: "v1/accounts/",
-			data: {account: account.toJSON()},
+			data: account.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
@@ -128,7 +128,7 @@ function update(account) {
 			type: "PUT",
 			dataType: "json",
 			url: "v1/accounts/"+account.AccountId+"/",
-			data: {account: account.toJSON()},
+			data: account.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
--- a/js/actions/ImportActions.js
+++ b/js/actions/ImportActions.js
@@ -60,7 +60,7 @@ function importOFX(account, password, startDate, endDate) {
 			type: "POST",
 			dataType: "json",
 			url: "v1/accounts/"+account.AccountId+"/imports/ofx",
-			data: {ofxdownload: ofxdownload.toJSON()},
+			data: ofxdownload.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
--- a/js/actions/ReportActions.js
+++ b/js/actions/ReportActions.js
@@ -130,7 +130,7 @@ function create(report) {
 			type: "POST",
 			dataType: "json",
 			url: "v1/reports/",
-			data: {report: report.toJSON()},
+			data: report.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
@@ -157,7 +157,7 @@ function update(report) {
 			type: "PUT",
 			dataType: "json",
 			url: "v1/reports/"+report.ReportId+"/",
-			data: {report: report.toJSON()},
+			data: report.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
--- a/js/actions/SecurityActions.js
+++ b/js/actions/SecurityActions.js
@@ -101,7 +101,7 @@ function create(security) {
 			type: "POST",
 			dataType: "json",
 			url: "v1/securities/",
-			data: {security: security.toJSON()},
+			data: security.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
@@ -128,7 +128,7 @@ function update(security) {
 			type: "PUT",
 			dataType: "json",
 			url: "v1/securities/"+security.SecurityId+"/",
-			data: {security: security.toJSON()},
+			data: security.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
--- a/js/actions/TransactionActions.js
+++ b/js/actions/TransactionActions.js
@@ -139,7 +139,7 @@ function create(transaction) {
 			type: "POST",
 			dataType: "json",
 			url: "v1/transactions/",
-			data: {transaction: transaction.toJSON()},
+			data: transaction.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
@@ -166,7 +166,7 @@ function update(transaction) {
 			type: "PUT",
 			dataType: "json",
 			url: "v1/transactions/"+transaction.TransactionId+"/",
-			data: {transaction: transaction.toJSON()},
+			data: transaction.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
--- a/js/actions/UserActions.js
+++ b/js/actions/UserActions.js
@@ -116,7 +116,7 @@ function create(user) {
 			type: "POST",
 			dataType: "json",
 			url: "v1/users/",
-			data: {user: user.toJSON()},
+			data: user.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
@@ -143,7 +143,7 @@ function login(user) {
 			type: "POST",
 			dataType: "json",
 			url: "v1/sessions/",
-			data: {user: user.toJSON()},
+			data: user.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);
@@ -220,7 +220,7 @@ function update(user) {
 			type: "PUT",
 			dataType: "json",
 			url: "v1/users/"+user.UserId+"/",
-			data: {user: user.toJSON()},
+			data: user.toJSON(),
 			success: function(data, status, jqXHR) {
 				var e = new Error();
 				e.fromJSON(data);