diff --git a/server/routes/api.js b/server/routes/api.js
index 809e808..e260b37 100644
--- a/server/routes/api.js
+++ b/server/routes/api.js
@@ -60,6 +60,20 @@ function createSession (req, user) {
   }
 }
 
+// Get either `uuid` or `id` from `:id` parameter
+function idParam (req) {
+  let id = req.params.id
+  if (id.length === 36 && id.match(/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i)) {
+    return id
+  }
+
+  if (!isNaN(parseInt(id))) {
+    return parseInt(id)
+  }
+
+  return null
+}
+
 // Either give JSON or make a redirect
 function JsonData (req, res, error, redirect = '/') {
   res.jsonp({error: error, redirect: redirect})
@@ -429,8 +443,8 @@ router.get('/avatar', wrap(async (req, res, next) => {
 
 // Get latest avatar of user by id
 router.get('/avatar/:id', wrap(async (req, res, next) => {
-  let id = parseInt(req.params.id)
-  if (isNaN(id)) return next()
+  let id = idParam(req)
+  if (!id) return next()
 
   let user = await API.User.get(id)