bretton.dev / coves
A community based topic aggregation platform built on atproto
fork atom
coves / internal / api / handlers / community / create.go
at feat/communities-v2-critical-fixes 2.0 kB view raw
1package community 2 3import ( 4 "encoding/json" 5 "net/http" 6 7 "Coves/internal/core/communities" 8) 9 10// CreateHandler handles community creation 11type CreateHandler struct { 12 service communities.Service 13} 14 15// NewCreateHandler creates a new create handler 16func NewCreateHandler(service communities.Service) *CreateHandler { 17 return &CreateHandler{ 18 service: service, 19 } 20} 21 22// HandleCreate creates a new community 23// POST /xrpc/social.coves.community.create 24// Body matches CreateCommunityRequest 25func (h *CreateHandler) HandleCreate(w http.ResponseWriter, r *http.Request) { 26 if r.Method != http.MethodPost { 27 http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) 28 return 29 } 30 31 // Parse request body 32 var req communities.CreateCommunityRequest 33 if err := json.NewDecoder(r.Body).Decode(&req); err != nil { 34 writeError(w, http.StatusBadRequest, "InvalidRequest", "Invalid request body") 35 return 36 } 37 38 // TODO(Communities-OAuth): Extract authenticated user DID from request context 39 // This MUST be replaced with OAuth middleware before production deployment 40 // Expected implementation: 41 // userDID := r.Context().Value("authenticated_user_did").(string) 42 // req.CreatedByDID = userDID 43 // For now, we require client to send it (INSECURE - allows impersonation) 44 if req.CreatedByDID == "" { 45 writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required") 46 return 47 } 48 49 if req.HostedByDID == "" { 50 writeError(w, http.StatusBadRequest, "InvalidRequest", "hostedByDid is required") 51 return 52 } 53 54 // Create community via service (write-forward to PDS) 55 community, err := h.service.CreateCommunity(r.Context(), req) 56 if err != nil { 57 handleServiceError(w, err) 58 return 59 } 60 61 // Return success response matching lexicon output 62 response := map[string]interface{}{ 63 "uri": community.RecordURI, 64 "cid": community.RecordCID, 65 "did": community.DID, 66 "handle": community.Handle, 67 } 68 69 w.Header().Set("Content-Type", "application/json") 70 w.WriteHeader(http.StatusOK) 71 json.NewEncoder(w).Encode(response) 72}