this repo has no description
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat(api): add DELETE /api/v1/links/{id} endpoint

Implements authorized deletion of links via the API v1 endpoint.
Requires X-API-Key header for remote requests; localhost is always
allowed. Returns 204 No Content on success, 403 Forbidden for
unauthorized requests, and 404 Not Found for non-existent links.

+272 -2
+27 -2
internal/handler/api_v1_links.go
··· 233 233 } 234 234 235 235 // apiV1DeleteLink handles DELETE /api/v1/links/{id} 236 - // Stub for now - to be implemented in Task 2.4 236 + // Requires X-API-Key header for authorization (localhost always allowed). 237 237 func (h *Handler) apiV1DeleteLink(w http.ResponseWriter, r *http.Request, id int) { 238 - writeAPIError(w, http.StatusNotImplemented, "not_implemented", "Not yet implemented") 238 + // Check authorization - requires X-API-Key header 239 + if !isAuthorizedAPIKey(r, h.Config.AdminSecret) { 240 + writeAPIError(w, http.StatusForbidden, "forbidden", "Invalid or missing API key") 241 + return 242 + } 243 + 244 + ctx := r.Context() 245 + 246 + // Check if link exists 247 + link, err := h.Store.GetIRCLinkByID(ctx, id) 248 + if err != nil { 249 + writeAPIError(w, http.StatusInternalServerError, "internal_error", "Failed to fetch link") 250 + return 251 + } 252 + if link == nil { 253 + writeAPIError(w, http.StatusNotFound, "not_found", "Link not found") 254 + return 255 + } 256 + 257 + // Delete the link 258 + if err := h.Store.DeleteIRCLink(ctx, id); err != nil { 259 + writeAPIError(w, http.StatusInternalServerError, "internal_error", "Failed to delete link") 260 + return 261 + } 262 + 263 + w.WriteHeader(http.StatusNoContent) // 204 239 264 }