+5

appview/state/router.go

reviewed

··· 178 178 r.Delete("/", s.Follow) 179 179 }) 180 180 181 181 + r.With(middleware.AuthMiddleware(s.oauth)).Route("/vouch", func(r chi.Router) { 182 182 + r.Post("/", s.Vouch) 183 183 + r.Delete("/", s.Vouch) 184 184 + }) 185 185 + 181 186 r.With(middleware.AuthMiddleware(s.oauth)).Route("/star", func(r chi.Router) { 182 187 r.Post("/", s.Star) 183 188 r.Delete("/", s.Star)

+132

appview/state/vouch.go

reviewed

··· 1 1 + package state 2 2 + 3 3 + import ( 4 4 + "encoding/json" 5 5 + "net/http" 6 6 + "time" 7 7 + 8 8 + comatproto "github.com/bluesky-social/indigo/api/atproto" 9 9 + lexutil "github.com/bluesky-social/indigo/lex/util" 10 10 + "tangled.org/core/api/tangled" 11 11 + "tangled.org/core/appview/db" 12 12 + "tangled.org/core/appview/models" 13 13 + ) 14 14 + 15 15 + func (s *State) Vouch(w http.ResponseWriter, r *http.Request) { 16 16 + l := s.logger.With("handler", "Vouch") 17 17 + currentUser := s.oauth.GetMultiAccountUser(r) 18 18 + 19 19 + subject := r.URL.Query().Get("subject") 20 20 + if subject == "" { 21 21 + l.Warn("invalid form: missing subject") 22 22 + http.Error(w, "missing subject", http.StatusBadRequest) 23 23 + return 24 24 + } 25 25 + 26 26 + kind := r.URL.Query().Get("kind") 27 27 + if kind == "" { 28 28 + kind = "vouch" 29 29 + } 30 30 + if kind != "vouch" && kind != "denounce" { 31 31 + l.Warn("invalid kind", "kind", kind) 32 32 + http.Error(w, "invalid kind", http.StatusBadRequest) 33 33 + return 34 34 + } 35 35 + 36 36 + reason := r.URL.Query().Get("reason") 37 37 + 38 38 + subjectIdent, err := s.idResolver.ResolveIdent(r.Context(), subject) 39 39 + if err != nil { 40 40 + l.Error("failed to vouch, invalid did", "subject", subject, "err", err) 41 41 + http.Error(w, "invalid subject", http.StatusBadRequest) 42 42 + return 43 43 + } 44 44 + 45 45 + if currentUser.Active.Did == subjectIdent.DID.String() { 46 46 + l.Warn("cant vouch or denounce yourself") 47 47 + http.Error(w, "cannot vouch yourself", http.StatusBadRequest) 48 48 + return 49 49 + } 50 50 + 51 51 + client, err := s.oauth.AuthorizedClient(r) 52 52 + if err != nil { 53 53 + l.Error("failed to authorize client", "err", err) 54 54 + http.Error(w, "unauthorized", http.StatusUnauthorized) 55 55 + return 56 56 + } 57 57 + 58 58 + switch r.Method { 59 59 + case http.MethodPost: 60 60 + createdAt := time.Now().Format(time.RFC3339) 61 61 + subjectDid := subjectIdent.DID.String() 62 62 + 63 63 + var reasonPtr *string 64 64 + if reason != "" { 65 65 + reasonPtr = &reason 66 66 + } 67 67 + 68 68 + resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 69 69 + Collection: tangled.GraphVouchNSID, 70 70 + Repo: currentUser.Active.Did, 71 71 + Rkey: subjectDid, 72 72 + Record: &lexutil.LexiconTypeDecoder{ 73 73 + Val: &tangled.GraphVouch{ 74 74 + Kind: &kind, 75 75 + Reason: reasonPtr, 76 76 + CreatedAt: createdAt, 77 77 + }}, 78 78 + }) 79 79 + if err != nil { 80 80 + l.Error("failed to create atproto record", "err", err) 81 81 + http.Error(w, "failed to create vouch", http.StatusInternalServerError) 82 82 + return 83 83 + } 84 84 + 85 85 + l.Info("created atproto record", "uri", resp.Uri, "kind", kind) 86 86 + 87 87 + vouch := &models.Vouch{ 88 88 + Did: currentUser.Active.Did, 89 89 + SubjectDid: subjectDid, 90 90 + Kind: kind, 91 91 + Reason: reasonPtr, 92 92 + } 93 93 + 94 94 + err = db.AddVouch(s.db, vouch) 95 95 + if err != nil { 96 96 + l.Error("failed to add vouch to db", "err", err) 97 97 + http.Error(w, "failed to add vouch", http.StatusInternalServerError) 98 98 + return 99 99 + } 100 100 + 101 101 + return 102 102 + 103 103 + case http.MethodDelete: 104 104 + subjectDid := subjectIdent.DID.String() 105 105 + 106 106 + _, err := db.GetVouch(s.db, currentUser.Active.Did, subjectDid) 107 107 + if err != nil { 108 108 + l.Error("failed to get vouch relationship", "err", err) 109 109 + http.Error(w, "vouch not found", http.StatusNotFound) 110 110 + return 111 111 + } 112 112 + 113 113 + _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 114 114 + Collection: tangled.GraphVouchNSID, 115 115 + Repo: currentUser.Active.Did, 116 116 + Rkey: subjectDid, 117 117 + }) 118 118 + 119 119 + if err != nil { 120 120 + l.Error("failed to delete vouch record", "err", err) 121 121 + http.Error(w, "failed to delete vouch", http.StatusInternalServerError) 122 122 + return 123 123 + } 124 124 + 125 125 + err = db.DeleteVouch(s.db, currentUser.Active.Did, subjectDid) 126 126 + if err != nil { 127 127 + l.Warn("failed to delete vouch from DB", "err", err) 128 128 + } 129 129 + 130 130 + return 131 131 + } 132 132 + }