bretton.dev / coves
A community based topic aggregation platform built on atproto
fork atom

fix(service): add DID verification and improve error detection

Service layer improvements:

1. Add DID verification in ResolveCommunityIdentifier:
- When a DID is provided, verify the community actually exists
in the AppView database
- Prevents accepting non-existent DIDs (e.g., did:plc:fakefake)
- Provides clearer error messages when community doesn't exist

2. Improve duplicate error detection in BlockCommunity:
- Check for HTTP 409 Conflict status code explicitly
- Added "status 409" check in addition to text-based detection
- More robust across different PDS implementations
- Still maintains fallback checks for compatibility

Both changes improve error handling and user experience while
maintaining backward compatibility.

Addresses: Critical review comment #2, Important review comment #3

bretton.dev df964fa8 948d79da

options
unified split
Changed files
+17 -3
internal
core
communities
service.go
+17 -3
internal/core/communities/service.go 
···

       
554

       
 

       
	// 3. This avoids a race condition where two concurrent requests both pass the check


     

       
555

       
 

       
	recordURI, recordCID, err := s.createRecordOnPDSAs(ctx, userDID, "social.coves.community.block", "", blockRecord, userAccessToken)


     

       
556

       
 

       
	if err != nil {


     

       
557

       
-

       
		// Check if this is a duplicate error from PDS


     

       

       

       
     

       

       

       
     

       
558

       
 

       
		errMsg := err.Error()


     

       
559

       
-

       
		if strings.Contains(errMsg, "duplicate") || strings.Contains(errMsg, "already exists") {


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
560

       
 

       
			// Fetch and return existing block from our indexed view


     

       
561

       
 

       
			existingBlock, getErr := s.repo.GetBlock(ctx, userDID, communityDID)


     

       
562

       
 

       
			if getErr == nil {


     
···

       
652

       
 

       
		return "", ErrInvalidInput


     

       
653

       
 

       
	}


     

       
654

       
 

       



     

       
655

       
-

       
	// If it's already a DID, return it


     

       
656

       
 

       
	if strings.HasPrefix(identifier, "did:") {


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
657

       
 

       
		return identifier, nil


     

       
658

       
 

       
	}


     

       
659

       
 

       



     
···

       
554

       
 

       
	// 3. This avoids a race condition where two concurrent requests both pass the check


     

       
555

       
 

       
	recordURI, recordCID, err := s.createRecordOnPDSAs(ctx, userDID, "social.coves.community.block", "", blockRecord, userAccessToken)


     

       
556

       
 

       
	if err != nil {


     

       
557

       
+

       
		// Check if this is a duplicate/conflict error from PDS


     

       
558

       
+

       
		// PDS should return 409 Conflict for duplicate records, but we also check common error messages


     

       
559

       
+

       
		// for compatibility with different PDS implementations


     

       
560

       
 

       
		errMsg := err.Error()


     

       
561

       
+

       
		isDuplicate := strings.Contains(errMsg, "status 409") || // HTTP 409 Conflict


     

       
562

       
+

       
			strings.Contains(errMsg, "duplicate") ||


     

       
563

       
+

       
			strings.Contains(errMsg, "already exists") ||


     

       
564

       
+

       
			strings.Contains(errMsg, "AlreadyExists")


     

       
565

       
+

       



     

       
566

       
+

       
		if isDuplicate {


     

       
567

       
 

       
			// Fetch and return existing block from our indexed view


     

       
568

       
 

       
			existingBlock, getErr := s.repo.GetBlock(ctx, userDID, communityDID)


     

       
569

       
 

       
			if getErr == nil {


     
···

       
659

       
 

       
		return "", ErrInvalidInput


     

       
660

       
 

       
	}


     

       
661

       
 

       



     

       
662

       
+

       
	// If it's already a DID, verify the community exists


     

       
663

       
 

       
	if strings.HasPrefix(identifier, "did:") {


     

       
664

       
+

       
		_, err := s.repo.GetByDID(ctx, identifier)


     

       
665

       
+

       
		if err != nil {


     

       
666

       
+

       
			if IsNotFound(err) {


     

       
667

       
+

       
				return "", fmt.Errorf("community not found: %w", err)


     

       
668

       
+

       
			}


     

       
669

       
+

       
			return "", fmt.Errorf("failed to verify community DID: %w", err)


     

       
670

       
+

       
		}


     

       
671

       
 

       
		return identifier, nil


     

       
672

       
 

       
	}


     

       
673