bretton.dev / coves
A community based topic aggregation platform built on atproto
fork atom
coves / internal / api / routes / aggregator.go
at feat/dpop-token-binding 2.6 kB view raw
1package routes 2 3import ( 4 "Coves/internal/api/handlers/aggregator" 5 "Coves/internal/api/middleware" 6 "Coves/internal/atproto/identity" 7 "Coves/internal/core/aggregators" 8 "Coves/internal/core/users" 9 "net/http" 10 "time" 11 12 "github.com/go-chi/chi/v5" 13) 14 15// RegisterAggregatorRoutes registers aggregator-related XRPC endpoints 16// Following Bluesky's pattern for feed generators and labelers 17func RegisterAggregatorRoutes( 18 r chi.Router, 19 aggregatorService aggregators.Service, 20 userService users.UserService, 21 identityResolver identity.Resolver, 22) { 23 // Create query handlers 24 getServicesHandler := aggregator.NewGetServicesHandler(aggregatorService) 25 getAuthorizationsHandler := aggregator.NewGetAuthorizationsHandler(aggregatorService) 26 listForCommunityHandler := aggregator.NewListForCommunityHandler(aggregatorService) 27 28 // Create registration handler 29 registerHandler := aggregator.NewRegisterHandler(userService, identityResolver) 30 31 // Query endpoints (public - no auth required) 32 // GET /xrpc/social.coves.aggregator.getServices?dids=did:plc:abc,did:plc:def 33 // Following app.bsky.feed.getFeedGenerators pattern 34 r.Get("/xrpc/social.coves.aggregator.getServices", getServicesHandler.HandleGetServices) 35 36 // GET /xrpc/social.coves.aggregator.getAuthorizations?aggregatorDid=did:plc:abc&enabledOnly=true 37 // Lists communities that authorized an aggregator 38 r.Get("/xrpc/social.coves.aggregator.getAuthorizations", getAuthorizationsHandler.HandleGetAuthorizations) 39 40 // GET /xrpc/social.coves.aggregator.listForCommunity?communityDid=did:plc:xyz&enabledOnly=true 41 // Lists aggregators authorized by a community 42 r.Get("/xrpc/social.coves.aggregator.listForCommunity", listForCommunityHandler.HandleListForCommunity) 43 44 // Registration endpoint (public - no auth required) 45 // Aggregators register themselves after creating their own PDS accounts 46 // POST /xrpc/social.coves.aggregator.register 47 // Rate limited to 10 requests per 10 minutes per IP to prevent abuse 48 registrationRateLimiter := middleware.NewRateLimiter(10, 10*time.Minute) 49 r.Post("/xrpc/social.coves.aggregator.register", 50 registrationRateLimiter.Middleware(http.HandlerFunc(registerHandler.HandleRegister)).ServeHTTP) 51 52 // Write endpoints (Phase 2 - require authentication and moderator permissions) 53 // TODO: Implement after Jetstream consumer is ready 54 // POST /xrpc/social.coves.aggregator.enable (requires auth + moderator) 55 // POST /xrpc/social.coves.aggregator.disable (requires auth + moderator) 56 // POST /xrpc/social.coves.aggregator.updateConfig (requires auth + moderator) 57}