bretton.dev / coves
A community based topic aggregation platform built on atproto
fork atom

feat(posts): add XRPC handler and routes

Add POST /xrpc/social.coves.post.create endpoint:
- Authentication required via OAuth middleware
- Validate request body size (1MB limit for DoS prevention)
- Validate at-identifier format for community field
- Reject client-provided authorDid (security)
- Set authorDid from authenticated JWT
- Error mapping for lexicon-compliant responses

Handler security features:
- Body size limit prevents DoS
- Author impersonation prevented
- All 4 at-identifier formats supported
- Proper error codes (400, 401, 403, 404, 500)

Route registration integrates with auth middleware.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

bretton.dev 6e056641 7902a620

options
unified split
Changed files
+189
internal
api
handlers
post
create.go
errors.go
routes
post.go
+106
internal/api/handlers/post/create.go 
···

       

       
1

       
+

       
package post


     

       

       
2

       
+

       



     

       

       
3

       
+

       
import (


     

       

       
4

       
+

       
	"Coves/internal/api/middleware"


     

       

       
5

       
+

       
	"Coves/internal/core/posts"


     

       

       
6

       
+

       
	"encoding/json"


     

       

       
7

       
+

       
	"log"


     

       

       
8

       
+

       
	"net/http"


     

       

       
9

       
+

       
	"strings"


     

       

       
10

       
+

       
)


     

       

       
11

       
+

       



     

       

       
12

       
+

       
// CreateHandler handles post creation requests


     

       

       
13

       
+

       
type CreateHandler struct {


     

       

       
14

       
+

       
	service posts.Service


     

       

       
15

       
+

       
}


     

       

       
16

       
+

       



     

       

       
17

       
+

       
// NewCreateHandler creates a new create handler


     

       

       
18

       
+

       
func NewCreateHandler(service posts.Service) *CreateHandler {


     

       

       
19

       
+

       
	return &CreateHandler{


     

       

       
20

       
+

       
		service: service,


     

       

       
21

       
+

       
	}


     

       

       
22

       
+

       
}


     

       

       
23

       
+

       



     

       

       
24

       
+

       
// HandleCreate handles POST /xrpc/social.coves.post.create


     

       

       
25

       
+

       
// Creates a new post in a community's repository


     

       

       
26

       
+

       
func (h *CreateHandler) HandleCreate(w http.ResponseWriter, r *http.Request) {


     

       

       
27

       
+

       
	// 1. Check HTTP method


     

       

       
28

       
+

       
	if r.Method != http.MethodPost {


     

       

       
29

       
+

       
		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)


     

       

       
30

       
+

       
		return


     

       

       
31

       
+

       
	}


     

       

       
32

       
+

       



     

       

       
33

       
+

       
	// 2. Limit request body size to prevent DoS attacks


     

       

       
34

       
+

       
	// 1MB allows for large content + embeds while preventing abuse


     

       

       
35

       
+

       
	r.Body = http.MaxBytesReader(w, r.Body, 1*1024*1024)


     

       

       
36

       
+

       



     

       

       
37

       
+

       
	// 3. Parse request body


     

       

       
38

       
+

       
	var req posts.CreatePostRequest


     

       

       
39

       
+

       
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {


     

       

       
40

       
+

       
		// Check if error is due to body size limit


     

       

       
41

       
+

       
		if err.Error() == "http: request body too large" {


     

       

       
42

       
+

       
			writeError(w, http.StatusRequestEntityTooLarge, "RequestTooLarge",


     

       

       
43

       
+

       
				"Request body too large (max 1MB)")


     

       

       
44

       
+

       
			return


     

       

       
45

       
+

       
		}


     

       

       
46

       
+

       
		writeError(w, http.StatusBadRequest, "InvalidRequest", "Invalid request body")


     

       

       
47

       
+

       
		return


     

       

       
48

       
+

       
	}


     

       

       
49

       
+

       



     

       

       
50

       
+

       
	// 4. Extract authenticated user DID from request context (injected by auth middleware)


     

       

       
51

       
+

       
	userDID := middleware.GetUserDID(r)


     

       

       
52

       
+

       
	if userDID == "" {


     

       

       
53

       
+

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       

       
54

       
+

       
		return


     

       

       
55

       
+

       
	}


     

       

       
56

       
+

       



     

       

       
57

       
+

       
	// 5. Validate required fields


     

       

       
58

       
+

       
	if req.Community == "" {


     

       

       
59

       
+

       
		writeError(w, http.StatusBadRequest, "InvalidRequest", "community is required")


     

       

       
60

       
+

       
		return


     

       

       
61

       
+

       
	}


     

       

       
62

       
+

       



     

       

       
63

       
+

       
	// 5b. Basic format validation for better UX (fail fast on obviously invalid input)


     

       

       
64

       
+

       
	// Valid formats accepted by resolver:


     

       

       
65

       
+

       
	//   - DID: did:plc:xyz, did:web:example.com


     

       

       
66

       
+

       
	//   - Scoped handle: !name@instance


     

       

       
67

       
+

       
	//   - Canonical handle: name.community.instance


     

       

       
68

       
+

       
	//   - @-prefixed handle: @name.community.instance


     

       

       
69

       
+

       
	//


     

       

       
70

       
+

       
	// We only reject obviously invalid formats here (no prefix, no dots, no @ for !)


     

       

       
71

       
+

       
	// The service layer (ResolveCommunityIdentifier) does comprehensive validation


     

       

       
72

       
+

       



     

       

       
73

       
+

       
	// Scoped handles must include @ symbol


     

       

       
74

       
+

       
	if strings.HasPrefix(req.Community, "!") && !strings.Contains(req.Community, "@") {


     

       

       
75

       
+

       
		writeError(w, http.StatusBadRequest, "InvalidRequest",


     

       

       
76

       
+

       
			"scoped handle must include @ symbol (!name@instance)")


     

       

       
77

       
+

       
		return


     

       

       
78

       
+

       
	}


     

       

       
79

       
+

       



     

       

       
80

       
+

       
	// 6. SECURITY: Reject client-provided authorDid


     

       

       
81

       
+

       
	// This prevents users from impersonating other users


     

       

       
82

       
+

       
	if req.AuthorDID != "" {


     

       

       
83

       
+

       
		writeError(w, http.StatusBadRequest, "InvalidRequest",


     

       

       
84

       
+

       
			"authorDid must not be provided - derived from authenticated user")


     

       

       
85

       
+

       
		return


     

       

       
86

       
+

       
	}


     

       

       
87

       
+

       



     

       

       
88

       
+

       
	// 7. Set author from authenticated user context


     

       

       
89

       
+

       
	req.AuthorDID = userDID


     

       

       
90

       
+

       



     

       

       
91

       
+

       
	// 8. Call service to create post (write-forward to PDS)


     

       

       
92

       
+

       
	// Note: Service layer will resolve community at-identifier (handle or DID) to DID


     

       

       
93

       
+

       
	response, err := h.service.CreatePost(r.Context(), req)


     

       

       
94

       
+

       
	if err != nil {


     

       

       
95

       
+

       
		handleServiceError(w, err)


     

       

       
96

       
+

       
		return


     

       

       
97

       
+

       
	}


     

       

       
98

       
+

       



     

       

       
99

       
+

       
	// 9. Return success response matching lexicon output


     

       

       
100

       
+

       
	w.Header().Set("Content-Type", "application/json")


     

       

       
101

       
+

       
	w.WriteHeader(http.StatusOK)


     

       

       
102

       
+

       
	if err := json.NewEncoder(w).Encode(response); err != nil {


     

       

       
103

       
+

       
		// Log encoding errors but don't return error response (headers already sent)


     

       

       
104

       
+

       
		log.Printf("Failed to encode post creation response: %v", err)


     

       

       
105

       
+

       
	}


     

       

       
106

       
+

       
}
+57
internal/api/handlers/post/errors.go 
···

       

       
1

       
+

       
package post


     

       

       
2

       
+

       



     

       

       
3

       
+

       
import (


     

       

       
4

       
+

       
	"Coves/internal/core/posts"


     

       

       
5

       
+

       
	"encoding/json"


     

       

       
6

       
+

       
	"log"


     

       

       
7

       
+

       
	"net/http"


     

       

       
8

       
+

       
)


     

       

       
9

       
+

       



     

       

       
10

       
+

       
type errorResponse struct {


     

       

       
11

       
+

       
	Error   string `json:"error"`


     

       

       
12

       
+

       
	Message string `json:"message"`


     

       

       
13

       
+

       
}


     

       

       
14

       
+

       



     

       

       
15

       
+

       
// writeError writes a JSON error response


     

       

       
16

       
+

       
func writeError(w http.ResponseWriter, statusCode int, errorType, message string) {


     

       

       
17

       
+

       
	w.Header().Set("Content-Type", "application/json")


     

       

       
18

       
+

       
	w.WriteHeader(statusCode)


     

       

       
19

       
+

       
	if err := json.NewEncoder(w).Encode(errorResponse{


     

       

       
20

       
+

       
		Error:   errorType,


     

       

       
21

       
+

       
		Message: message,


     

       

       
22

       
+

       
	}); err != nil {


     

       

       
23

       
+

       
		log.Printf("Failed to encode error response: %v", err)


     

       

       
24

       
+

       
	}


     

       

       
25

       
+

       
}


     

       

       
26

       
+

       



     

       

       
27

       
+

       
// handleServiceError maps service errors to HTTP responses


     

       

       
28

       
+

       
func handleServiceError(w http.ResponseWriter, err error) {


     

       

       
29

       
+

       
	switch {


     

       

       
30

       
+

       
	case err == posts.ErrCommunityNotFound:


     

       

       
31

       
+

       
		writeError(w, http.StatusNotFound, "CommunityNotFound",


     

       

       
32

       
+

       
			"Community not found")


     

       

       
33

       
+

       



     

       

       
34

       
+

       
	case err == posts.ErrNotAuthorized:


     

       

       
35

       
+

       
		writeError(w, http.StatusForbidden, "NotAuthorized",


     

       

       
36

       
+

       
			"You are not authorized to post in this community")


     

       

       
37

       
+

       



     

       

       
38

       
+

       
	case err == posts.ErrBanned:


     

       

       
39

       
+

       
		writeError(w, http.StatusForbidden, "Banned",


     

       

       
40

       
+

       
			"You are banned from this community")


     

       

       
41

       
+

       



     

       

       
42

       
+

       
	case posts.IsContentRuleViolation(err):


     

       

       
43

       
+

       
		writeError(w, http.StatusBadRequest, "ContentRuleViolation", err.Error())


     

       

       
44

       
+

       



     

       

       
45

       
+

       
	case posts.IsValidationError(err):


     

       

       
46

       
+

       
		writeError(w, http.StatusBadRequest, "InvalidRequest", err.Error())


     

       

       
47

       
+

       



     

       

       
48

       
+

       
	case posts.IsNotFound(err):


     

       

       
49

       
+

       
		writeError(w, http.StatusNotFound, "NotFound", err.Error())


     

       

       
50

       
+

       



     

       

       
51

       
+

       
	default:


     

       

       
52

       
+

       
		// Don't leak internal error details to clients


     

       

       
53

       
+

       
		log.Printf("Unexpected error in post handler: %v", err)


     

       

       
54

       
+

       
		writeError(w, http.StatusInternalServerError, "InternalServerError",


     

       

       
55

       
+

       
			"An internal error occurred")


     

       

       
56

       
+

       
	}


     

       

       
57

       
+

       
}
+26
internal/api/routes/post.go 
···

       

       
1

       
+

       
package routes


     

       

       
2

       
+

       



     

       

       
3

       
+

       
import (


     

       

       
4

       
+

       
	"Coves/internal/api/handlers/post"


     

       

       
5

       
+

       
	"Coves/internal/api/middleware"


     

       

       
6

       
+

       
	"Coves/internal/core/posts"


     

       

       
7

       
+

       



     

       

       
8

       
+

       
	"github.com/go-chi/chi/v5"


     

       

       
9

       
+

       
)


     

       

       
10

       
+

       



     

       

       
11

       
+

       
// RegisterPostRoutes registers post-related XRPC endpoints on the router


     

       

       
12

       
+

       
// Implements social.coves.post.* lexicon endpoints


     

       

       
13

       
+

       
func RegisterPostRoutes(r chi.Router, service posts.Service, authMiddleware *middleware.AtProtoAuthMiddleware) {


     

       

       
14

       
+

       
	// Initialize handlers


     

       

       
15

       
+

       
	createHandler := post.NewCreateHandler(service)


     

       

       
16

       
+

       



     

       

       
17

       
+

       
	// Procedure endpoints (POST) - require authentication


     

       

       
18

       
+

       
	// social.coves.post.create - create a new post in a community


     

       

       
19

       
+

       
	r.With(authMiddleware.RequireAuth).Post("/xrpc/social.coves.post.create", createHandler.HandleCreate)


     

       

       
20

       
+

       



     

       

       
21

       
+

       
	// Future endpoints (Beta):


     

       

       
22

       
+

       
	// r.Get("/xrpc/social.coves.post.get", getHandler.HandleGet)


     

       

       
23

       
+

       
	// r.With(authMiddleware.RequireAuth).Post("/xrpc/social.coves.post.update", updateHandler.HandleUpdate)


     

       

       
24

       
+

       
	// r.With(authMiddleware.RequireAuth).Post("/xrpc/social.coves.post.delete", deleteHandler.HandleDelete)


     

       

       
25

       
+

       
	// r.Get("/xrpc/social.coves.post.list", listHandler.HandleList)


     

       

       
26

       
+

       
}