bretton.dev / coves
A community based topic aggregation platform built on atproto
fork atom

feat(server): integrate vote XRPC endpoints

Wire up vote service and routes in main server:
- Initialize VoteService with OAuth client for PDS authentication
- Register vote XRPC routes with auth middleware

Also adds E2E test helpers:
- AddSessionWithPDS: Store session with specific PDS URL
- AddUserWithPDSToken: Register user with real PDS access token

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

bretton.dev ceb62886 55d28bb2

options
unified split
Changed files
+23 -2
cmd
server
main.go
tests
integration
helpers.go
+7 -2
cmd/server/main.go 
···

       
16

       
16

       
 

       
	"Coves/internal/core/timeline"


     

       
17

       
17

       
 

       
	"Coves/internal/core/unfurl"


     

       
18

       
18

       
 

       
	"Coves/internal/core/users"


     

       

       
19

       
+

       
	"Coves/internal/core/votes"


     

       
19

       
20

       
 

       
	"bytes"


     

       
20

       
21

       
 

       
	"context"


     

       
21

       
22

       
 

       
	"crypto/rand"


     
···

       
388

       
389

       
 

       
	voteRepo := postgresRepo.NewVoteRepository(db)


     

       
389

       
390

       
 

       
	log.Println("✅ Vote repository initialized (Jetstream indexing only)")


     

       
390

       
391

       
 

       



     

       

       
392

       
+

       
	// Initialize vote service (for XRPC API endpoints)


     

       

       
393

       
+

       
	voteService := votes.NewService(voteRepo, oauthClient, oauthStore, nil)


     

       

       
394

       
+

       
	log.Println("✅ Vote service initialized (with OAuth authentication)")


     

       

       
395

       
+

       



     

       
391

       
396

       
 

       
	// Initialize comment repository (used by Jetstream consumer for indexing)


     

       
392

       
397

       
 

       
	commentRepo := postgresRepo.NewCommentRepository(db)


     

       
393

       
398

       
 

       
	log.Println("✅ Comment repository initialized (Jetstream indexing only)")


     
···

       
510

       
515

       
 

       
	routes.RegisterPostRoutes(r, postService, authMiddleware)


     

       
511

       
516

       
 

       
	log.Println("Post XRPC endpoints registered with OAuth authentication")


     

       
512

       
517

       
 

       



     

       
513

       

       
-

       
	// Vote write endpoints removed - clients write directly to their PDS


     

       
514

       

       
-

       
	// The AppView indexes votes from Jetstream (see vote consumer above)


     

       

       
518

       
+

       
	routes.RegisterVoteRoutes(r, voteService, authMiddleware)


     

       

       
519

       
+

       
	log.Println("Vote XRPC endpoints registered with OAuth authentication")


     

       
515

       
520

       
 

       



     

       
516

       
521

       
 

       
	routes.RegisterCommunityFeedRoutes(r, feedService)


     

       
517

       
522

       
 

       
	log.Println("Feed XRPC endpoints registered (public, no auth required)")
+16
tests/integration/helpers.go 
···

       
322

       
322

       
 

       



     

       
323

       
323

       
 

       
// AddSession adds a session to the store


     

       
324

       
324

       
 

       
func (m *MockOAuthStore) AddSession(did, sessionID, accessToken string) {


     

       

       
325

       
+

       
	m.AddSessionWithPDS(did, sessionID, accessToken, getTestPDSURL())


     

       

       
326

       
+

       
}


     

       

       
327

       
+

       



     

       

       
328

       
+

       
// AddSessionWithPDS adds a session to the store with a specific PDS URL


     

       

       
329

       
+

       
func (m *MockOAuthStore) AddSessionWithPDS(did, sessionID, accessToken, pdsURL string) {


     

       
325

       
330

       
 

       
	key := did + ":" + sessionID


     

       
326

       
331

       
 

       
	parsedDID, _ := syntax.ParseDID(did)


     

       
327

       
332

       
 

       
	m.sessions[key] = &oauthlib.ClientSessionData{


     

       
328

       
333

       
 

       
		AccountDID:  parsedDID,


     

       
329

       
334

       
 

       
		SessionID:   sessionID,


     

       
330

       
335

       
 

       
		AccessToken: accessToken,


     

       

       
336

       
+

       
		HostURL:     pdsURL,


     

       
331

       
337

       
 

       
	}


     

       
332

       
338

       
 

       
}


     

       
333

       
339

       
 

       



     
···

       
409

       
415

       
 

       
	e.store.AddSession(did, sessionID, "access-token-"+did)


     

       
410

       
416

       
 

       
	return token


     

       
411

       
417

       
 

       
}


     

       

       
418

       
+

       



     

       

       
419

       
+

       
// AddUserWithPDSToken registers a user with their real PDS access token


     

       

       
420

       
+

       
// Use this for E2E tests that need to write to the real PDS


     

       

       
421

       
+

       
func (e *E2EOAuthMiddleware) AddUserWithPDSToken(did, pdsAccessToken, pdsURL string) string {


     

       

       
422

       
+

       
	token := "test-token-" + did


     

       

       
423

       
+

       
	sessionID := "session-" + did


     

       

       
424

       
+

       
	e.unsealer.AddSession(token, did, sessionID)


     

       

       
425

       
+

       
	e.store.AddSessionWithPDS(did, sessionID, pdsAccessToken, pdsURL)


     

       

       
426

       
+

       
	return token


     

       

       
427

       
+

       
}