bretton.dev / coves
A community based topic aggregation platform built on atproto
fork atom

feat(handlers): extract and forward user access tokens to service

Update community handlers to pass user tokens through:

Subscribe/Unsubscribe handlers:
- Extract user access token from request context
- Validate token presence (return 401 if missing)
- Pass token to service layer for PDS operations

Create/Update handlers:
- Update comments to clarify security model
- Document that createdByDid/updatedByDid come from JWT
- Document that hostedByDid is server-side derived

This completes the token flow: middleware → handlers → service → PDS,
ensuring each layer has the credentials needed for proper authorization.

bretton.dev 95197f42 fab4e9d3

options
unified split
Changed files
+45 -30
internal
api
handlers
community
create.go
subscribe.go
update.go
+19 -9
internal/api/handlers/community/create.go 
···

       
1

       
 

       
package community


     

       
2

       
 

       



     

       
3

       
 

       
import (


     

       

       

       
     

       
4

       
 

       
	"Coves/internal/core/communities"


     

       
5

       
 

       
	"encoding/json"


     

       
6

       
 

       
	"net/http"


     
···

       
34

       
 

       
		return


     

       
35

       
 

       
	}


     

       
36

       
 

       



     

       
37

       
-

       
	// TODO(Communities-OAuth): Extract authenticated user DID from request context


     

       
38

       
-

       
	// This MUST be replaced with OAuth middleware before production deployment


     

       
39

       
-

       
	// Expected implementation:


     

       
40

       
-

       
	//   userDID := r.Context().Value("authenticated_user_did").(string)


     

       
41

       
-

       
	//   req.CreatedByDID = userDID


     

       
42

       
-

       
	// For now, we require client to send it (INSECURE - allows impersonation)


     

       
43

       
-

       
	if req.CreatedByDID == "" {


     

       
44

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
45

       
 

       
		return


     

       
46

       
 

       
	}


     

       
47

       
 

       



     

       
48

       
-

       
	if req.HostedByDID == "" {


     

       
49

       
-

       
		writeError(w, http.StatusBadRequest, "InvalidRequest", "hostedByDid is required")


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
50

       
 

       
		return


     

       
51

       
 

       
	}


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
52

       
 

       



     

       
53

       
 

       
	// Create community via service (write-forward to PDS)


     

       
54

       
 

       
	community, err := h.service.CreateCommunity(r.Context(), req)


     
···

       
1

       
 

       
package community


     

       
2

       
 

       



     

       
3

       
 

       
import (


     

       
4

       
+

       
	"Coves/internal/api/middleware"


     

       
5

       
 

       
	"Coves/internal/core/communities"


     

       
6

       
 

       
	"encoding/json"


     

       
7

       
 

       
	"net/http"


     
···

       
35

       
 

       
		return


     

       
36

       
 

       
	}


     

       
37

       
 

       



     

       
38

       
+

       
	// Extract authenticated user DID from request context (injected by auth middleware)


     

       
39

       
+

       
	userDID := middleware.GetUserDID(r)


     

       
40

       
+

       
	if userDID == "" {


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
41

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
42

       
 

       
		return


     

       
43

       
 

       
	}


     

       
44

       
 

       



     

       
45

       
+

       
	// Client should not send createdByDid - we derive it from authenticated user


     

       
46

       
+

       
	if req.CreatedByDID != "" {


     

       
47

       
+

       
		writeError(w, http.StatusBadRequest, "InvalidRequest",


     

       
48

       
+

       
			"createdByDid must not be provided - derived from authenticated user")


     

       
49

       
+

       
		return


     

       
50

       
+

       
	}


     

       
51

       
+

       



     

       
52

       
+

       
	// Client should not send hostedByDid - we derive it from the instance


     

       
53

       
+

       
	if req.HostedByDID != "" {


     

       
54

       
+

       
		writeError(w, http.StatusBadRequest, "InvalidRequest",


     

       
55

       
+

       
			"hostedByDid must not be provided - derived from instance")


     

       
56

       
 

       
		return


     

       
57

       
 

       
	}


     

       
58

       
+

       



     

       
59

       
+

       
	// Set the authenticated user as the creator


     

       
60

       
+

       
	req.CreatedByDID = userDID


     

       
61

       
+

       
	// Note: hostedByDID will be set by the service layer based on instance configuration


     

       
62

       
 

       



     

       
63

       
 

       
	// Create community via service (write-forward to PDS)


     

       
64

       
 

       
	community, err := h.service.CreateCommunity(r.Context(), req)
+19 -14
internal/api/handlers/community/subscribe.go 
···

       
1

       
 

       
package community


     

       
2

       
 

       



     

       
3

       
 

       
import (


     

       

       

       
     

       
4

       
 

       
	"Coves/internal/core/communities"


     

       
5

       
 

       
	"encoding/json"


     

       
6

       
 

       
	"log"


     
···

       
43

       
 

       
		return


     

       
44

       
 

       
	}


     

       
45

       
 

       



     

       
46

       
-

       
	// TODO(Communities-OAuth): Extract authenticated user DID from request context


     

       
47

       
-

       
	// This MUST be replaced with OAuth middleware before production deployment


     

       
48

       
-

       
	// Expected implementation:


     

       
49

       
-

       
	//   userDID := r.Context().Value("authenticated_user_did").(string)


     

       
50

       
-

       
	// For now, we read from header (INSECURE - allows impersonation)


     

       
51

       
-

       
	userDID := r.Header.Get("X-User-DID")


     

       
52

       
 

       
	if userDID == "" {


     

       
53

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
54

       
 

       
		return


     

       
55

       
 

       
	}


     

       
56

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
57

       
 

       
	// Subscribe via service (write-forward to PDS)


     

       
58

       
-

       
	subscription, err := h.service.SubscribeToCommunity(r.Context(), userDID, req.Community)


     

       
59

       
 

       
	if err != nil {


     

       
60

       
 

       
		handleServiceError(w, err)


     

       
61

       
 

       
		return


     
···

       
99

       
 

       
		return


     

       
100

       
 

       
	}


     

       
101

       
 

       



     

       
102

       
-

       
	// TODO(Communities-OAuth): Extract authenticated user DID from request context


     

       
103

       
-

       
	// This MUST be replaced with OAuth middleware before production deployment


     

       
104

       
-

       
	// Expected implementation:


     

       
105

       
-

       
	//   userDID := r.Context().Value("authenticated_user_did").(string)


     

       
106

       
-

       
	// For now, we read from header (INSECURE - allows impersonation)


     

       
107

       
-

       
	userDID := r.Header.Get("X-User-DID")


     

       
108

       
 

       
	if userDID == "" {


     

       
109

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
110

       
 

       
		return


     

       
111

       
 

       
	}


     

       
112

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
113

       
 

       
	// Unsubscribe via service (delete record on PDS)


     

       
114

       
-

       
	err := h.service.UnsubscribeFromCommunity(r.Context(), userDID, req.Community)


     

       
115

       
 

       
	if err != nil {


     

       
116

       
 

       
		handleServiceError(w, err)


     

       
117

       
 

       
		return


     
···

       
1

       
 

       
package community


     

       
2

       
 

       



     

       
3

       
 

       
import (


     

       
4

       
+

       
	"Coves/internal/api/middleware"


     

       
5

       
 

       
	"Coves/internal/core/communities"


     

       
6

       
 

       
	"encoding/json"


     

       
7

       
 

       
	"log"


     
···

       
44

       
 

       
		return


     

       
45

       
 

       
	}


     

       
46

       
 

       



     

       
47

       
+

       
	// Extract authenticated user DID and access token from request context (injected by auth middleware)


     

       
48

       
+

       
	userDID := middleware.GetUserDID(r)


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
49

       
 

       
	if userDID == "" {


     

       
50

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
51

       
 

       
		return


     

       
52

       
 

       
	}


     

       
53

       
 

       



     

       
54

       
+

       
	userAccessToken := middleware.GetUserAccessToken(r)


     

       
55

       
+

       
	if userAccessToken == "" {


     

       
56

       
+

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Missing access token")


     

       
57

       
+

       
		return


     

       
58

       
+

       
	}


     

       
59

       
+

       



     

       
60

       
 

       
	// Subscribe via service (write-forward to PDS)


     

       
61

       
+

       
	subscription, err := h.service.SubscribeToCommunity(r.Context(), userDID, userAccessToken, req.Community)


     

       
62

       
 

       
	if err != nil {


     

       
63

       
 

       
		handleServiceError(w, err)


     

       
64

       
 

       
		return


     
···

       
102

       
 

       
		return


     

       
103

       
 

       
	}


     

       
104

       
 

       



     

       
105

       
+

       
	// Extract authenticated user DID and access token from request context (injected by auth middleware)


     

       
106

       
+

       
	userDID := middleware.GetUserDID(r)


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
107

       
 

       
	if userDID == "" {


     

       
108

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
109

       
 

       
		return


     

       
110

       
 

       
	}


     

       
111

       
 

       



     

       
112

       
+

       
	userAccessToken := middleware.GetUserAccessToken(r)


     

       
113

       
+

       
	if userAccessToken == "" {


     

       
114

       
+

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Missing access token")


     

       
115

       
+

       
		return


     

       
116

       
+

       
	}


     

       
117

       
+

       



     

       
118

       
 

       
	// Unsubscribe via service (delete record on PDS)


     

       
119

       
+

       
	err := h.service.UnsubscribeFromCommunity(r.Context(), userDID, userAccessToken, req.Community)


     

       
120

       
 

       
	if err != nil {


     

       
121

       
 

       
		handleServiceError(w, err)


     

       
122

       
 

       
		return
+7 -7
internal/api/handlers/community/update.go 
···

       
1

       
 

       
package community


     

       
2

       
 

       



     

       
3

       
 

       
import (


     

       

       

       
     

       
4

       
 

       
	"Coves/internal/core/communities"


     

       
5

       
 

       
	"encoding/json"


     

       
6

       
 

       
	"net/http"


     
···

       
40

       
 

       
		return


     

       
41

       
 

       
	}


     

       
42

       
 

       



     

       
43

       
-

       
	// TODO(Communities-OAuth): Extract authenticated user DID from request context


     

       
44

       
-

       
	// This MUST be replaced with OAuth middleware before production deployment


     

       
45

       
-

       
	// Expected implementation:


     

       
46

       
-

       
	//   userDID := r.Context().Value("authenticated_user_did").(string)


     

       
47

       
-

       
	//   req.UpdatedByDID = userDID


     

       
48

       
-

       
	// For now, we require client to send it (INSECURE - allows impersonation)


     

       
49

       
-

       
	if req.UpdatedByDID == "" {


     

       
50

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
51

       
 

       
		return


     

       
52

       
 

       
	}


     

       

       

       
     

       

       

       
     

       

       

       
     

       
53

       
 

       



     

       
54

       
 

       
	// Update community via service (write-forward to PDS)


     

       
55

       
 

       
	community, err := h.service.UpdateCommunity(r.Context(), req)


     
···

       
1

       
 

       
package community


     

       
2

       
 

       



     

       
3

       
 

       
import (


     

       
4

       
+

       
	"Coves/internal/api/middleware"


     

       
5

       
 

       
	"Coves/internal/core/communities"


     

       
6

       
 

       
	"encoding/json"


     

       
7

       
 

       
	"net/http"


     
···

       
41

       
 

       
		return


     

       
42

       
 

       
	}


     

       
43

       
 

       



     

       
44

       
+

       
	// Extract authenticated user DID from request context (injected by auth middleware)


     

       
45

       
+

       
	userDID := middleware.GetUserDID(r)


     

       
46

       
+

       
	if userDID == "" {


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
47

       
 

       
		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")


     

       
48

       
 

       
		return


     

       
49

       
 

       
	}


     

       
50

       
+

       



     

       
51

       
+

       
	// Set the authenticated user as the updater


     

       
52

       
+

       
	req.UpdatedByDID = userDID


     

       
53

       
 

       



     

       
54

       
 

       
	// Update community via service (write-forward to PDS)


     

       
55

       
 

       
	community, err := h.service.UpdateCommunity(r.Context(), req)