comparing 02d55e618425652ae3e3121509a56f4a156a8a77 and feat/vote-xrpc-endpoints on bretton.dev/coves

+3 -1

internal/atproto/oauth/client.go

···

       82
        
       		clientConfig = oauth.NewLocalhostConfig(callbackURL, config.Scopes)

     

       83
        
       	} else {

     

       84
        
       		// Production mode: public OAuth client with HTTPS

     

       0
        
       
     

       0
        
       
     

       85
        
       		callbackURL := config.PublicURL + "/oauth/callback"

     

       86
       -
       		clientConfig = oauth.NewPublicConfig(config.PublicURL, callbackURL, config.Scopes)

     

       87
        
       	}

     

       88
        
       

     

       89
        
       	// Set user agent

···

       82
        
       		clientConfig = oauth.NewLocalhostConfig(callbackURL, config.Scopes)

     

       83
        
       	} else {

     

       84
        
       		// Production mode: public OAuth client with HTTPS

     

       85
       +
       		// client_id must be the URL of the client metadata document per atproto OAuth spec

     

       86
       +
       		clientID := config.PublicURL + "/oauth/client-metadata.json"

     

       87
        
       		callbackURL := config.PublicURL + "/oauth/callback"

     

       88
       +
       		clientConfig = oauth.NewPublicConfig(clientID, callbackURL, config.Scopes)

     

       89
        
       	}

     

       90
        
       

     

       91
        
       	// Set user agent

+1 -8

Caddyfile

···

       60
        
               file_server

     

       61
        
           }

     

       62
        
       

     

       63
       -
           # Serve OAuth callback page

     

       64
       -
           handle /oauth/callback {

     

       65
       -
               root * /srv

     

       66
       -
               rewrite * /oauth/callback.html

     

       67
       -
               file_server

     

       68
       -
           }

     

       69
       -
       

     

       70
       -
           # Proxy all other requests to AppView

     

       71
        
           handle {

     

       72
        
               reverse_proxy appview:8080 {

     

       73
        
                   # Health check

···

       60
        
               file_server

     

       61
        
           }

     

       62
        
       

     

       63
       +
           # Proxy all requests to AppView

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       64
        
           handle {

     

       65
        
               reverse_proxy appview:8080 {

     

       66
        
                   # Health check

-97

static/oauth/callback.html

···

       1
       -
       <!DOCTYPE html>

     

       2
       -
       <html>

     

       3
       -
       <head>

     

       4
       -
         <meta charset="utf-8">

     

       5
       -
         <meta name="viewport" content="width=device-width, initial-scale=1">

     

       6
       -
         <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'unsafe-inline'; style-src 'unsafe-inline'">

     

       7
       -
         <title>Authorization Successful - Coves</title>

     

       8
       -
         <style>

     

       9
       -
           body {

     

       10
       -
             font-family: system-ui, -apple-system, sans-serif;

     

       11
       -
             display: flex;

     

       12
       -
             align-items: center;

     

       13
       -
             justify-content: center;

     

       14
       -
             min-height: 100vh;

     

       15
       -
             margin: 0;

     

       16
       -
             background: #f5f5f5;

     

       17
       -
           }

     

       18
       -
           .container {

     

       19
       -
             text-align: center;

     

       20
       -
             padding: 2rem;

     

       21
       -
             background: white;

     

       22
       -
             border-radius: 8px;

     

       23
       -
             box-shadow: 0 2px 8px rgba(0,0,0,0.1);

     

       24
       -
             max-width: 400px;

     

       25
       -
           }

     

       26
       -
           .success { color: #22c55e; font-size: 3rem; margin-bottom: 1rem; }

     

       27
       -
           h1 { margin: 0 0 0.5rem; color: #1f2937; font-size: 1.5rem; }

     

       28
       -
           p { color: #6b7280; margin: 0.5rem 0; }

     

       29
       -
           a {

     

       30
       -
             display: inline-block;

     

       31
       -
             margin-top: 1rem;

     

       32
       -
             padding: 0.75rem 1.5rem;

     

       33
       -
             background: #3b82f6;

     

       34
       -
             color: white;

     

       35
       -
             text-decoration: none;

     

       36
       -
             border-radius: 6px;

     

       37
       -
             font-weight: 500;

     

       38
       -
           }

     

       39
       -
           a:hover { background: #2563eb; }

     

       40
       -
         </style>

     

       41
       -
       </head>

     

       42
       -
       <body>

     

       43
       -
         <div class="container">

     

       44
       -
           <div class="success">✓</div>

     

       45
       -
           <h1>Authorization Successful!</h1>

     

       46
       -
           <p id="status">Returning to Coves...</p>

     

       47
       -
           <a href="#" id="manualLink">Open Coves</a>

     

       48
       -
         </div>

     

       49
       -
         <script>

     

       50
       -
           (function() {

     

       51
       -
             // Parse and sanitize query params - only allow expected OAuth parameters

     

       52
       -
             const urlParams = new URLSearchParams(window.location.search);

     

       53
       -
             const safeParams = new URLSearchParams();

     

       54
       -
       

     

       55
       -
             // Whitelist only expected OAuth callback parameters

     

       56
       -
             const code = urlParams.get('code');

     

       57
       -
             const state = urlParams.get('state');

     

       58
       -
             const error = urlParams.get('error');

     

       59
       -
             const errorDescription = urlParams.get('error_description');

     

       60
       -
             const iss = urlParams.get('iss');

     

       61
       -
       

     

       62
       -
             if (code) safeParams.set('code', code);

     

       63
       -
             if (state) safeParams.set('state', state);

     

       64
       -
             if (error) safeParams.set('error', error);

     

       65
       -
             if (errorDescription) safeParams.set('error_description', errorDescription);

     

       66
       -
             if (iss) safeParams.set('iss', iss);

     

       67
       -
       

     

       68
       -
             const sanitizedQuery = safeParams.toString() ? '?' + safeParams.toString() : '';

     

       69
       -
       

     

       70
       -
             const userAgent = navigator.userAgent || '';

     

       71
       -
             const isAndroid = /Android/i.test(userAgent);

     

       72
       -
       

     

       73
       -
             // Build deep link based on platform

     

       74
       -
             let deepLink;

     

       75
       -
             if (isAndroid) {

     

       76
       -
               // Android: Intent URL format

     

       77
       -
               const pathAndQuery = '/oauth/callback' + sanitizedQuery;

     

       78
       -
               deepLink = 'intent:/' + pathAndQuery + '#Intent;scheme=social.coves;package=social.coves;end';

     

       79
       -
             } else {

     

       80
       -
               // iOS: Custom scheme

     

       81
       -
               deepLink = 'social.coves:/oauth/callback' + sanitizedQuery;

     

       82
       -
             }

     

       83
       -
       

     

       84
       -
             // Update manual link

     

       85
       -
             document.getElementById('manualLink').href = deepLink;

     

       86
       -
       

     

       87
       -
             // Attempt automatic redirect

     

       88
       -
             window.location.href = deepLink;

     

       89
       -
       

     

       90
       -
             // Update status after 2 seconds if redirect didn't work

     

       91
       -
             setTimeout(function() {

     

       92
       -
               document.getElementById('status').textContent = 'Click the button above to continue';

     

       93
       -
             }, 2000);

     

       94
       -
           })();

     

       95
       -
         </script>

     

       96
       -
       </body>

     

       97
       -
       </html>

+6 -5

internal/api/routes/oauth.go

···

       38
        
       	// Use login limiter since callback completes the authentication flow

     

       39
        
       	r.With(corsMiddleware(allowedOrigins), loginLimiter.Middleware).Get("/oauth/callback", handler.HandleCallback)

     

       40
        
       

     

       41
       -
       	// Mobile Universal Link callback route

     

       42
       -
       	// This route is used for iOS Universal Links and Android App Links

     

       43
       -
       	// Path must match the path in .well-known/apple-app-site-association

     

       44
       -
       	// Uses the same handler as web callback - the system routes it to the mobile app

     

       45
       -
       	r.With(loginLimiter.Middleware).Get("/app/oauth/callback", handler.HandleCallback)

     

       0
        
       
     

       46
        
       

     

       47
        
       	// Session management - dedicated rate limits

     

       48
        
       	r.With(logoutLimiter.Middleware).Post("/oauth/logout", handler.HandleLogout)

···

       38
        
       	// Use login limiter since callback completes the authentication flow

     

       39
        
       	r.With(corsMiddleware(allowedOrigins), loginLimiter.Middleware).Get("/oauth/callback", handler.HandleCallback)

     

       40
        
       

     

       41
       +
       	// Mobile Universal Link callback route (fallback when app doesn't intercept)

     

       42
       +
       	// This route exists for iOS Universal Links and Android App Links.

     

       43
       +
       	// When properly configured, the mobile OS intercepts this URL and opens the app

     

       44
       +
       	// BEFORE the request reaches the server. If this handler is reached, it means

     

       45
       +
       	// Universal Links failed to intercept.

     

       46
       +
       	r.With(loginLimiter.Middleware).Get("/app/oauth/callback", handler.HandleMobileDeepLinkFallback)

     

       47
        
       

     

       48
        
       	// Session management - dedicated rate limits

     

       49
        
       	r.With(logoutLimiter.Middleware).Post("/oauth/logout", handler.HandleLogout)

+11

static/.well-known/apple-app-site-association

···

       1
       +
       {

     

       2
       +
         "applinks": {

     

       3
       +
           "apps": [],

     

       4
       +
           "details": [

     

       5
       +
             {

     

       6
       +
               "appID": "TEAM_ID.social.coves",

     

       7
       +
               "paths": ["/app/oauth/callback"]

     

       8
       +
             }

     

       9
       +
           ]

     

       10
       +
         }

     

       11
       +
       }

+10

static/.well-known/assetlinks.json

···

       1
       +
       [{

     

       2
       +
         "relation": ["delegate_permission/common.handle_all_urls"],

     

       3
       +
         "target": {

     

       4
       +
           "namespace": "android_app",

     

       5
       +
           "package_name": "social.coves",

     

       6
       +
           "sha256_cert_fingerprints": [

     

       7
       +
             "0B:D8:8C:99:66:25:E5:CD:06:54:80:88:01:6F:B7:38:B9:F4:5B:41:71:F7:95:C8:68:94:87:AD:EA:9F:D9:ED"

     

       8
       +
           ]

     

       9
       +
         }

     

       10
       +
       }]

+16 -9

internal/atproto/oauth/handlers_test.go

···

       171
        
       }

     

       172
        
       

     

       173
        
       // TestIsMobileRedirectURI tests mobile redirect URI validation with EXACT URI matching

     

       174
       -
       // Only Universal Links (HTTPS) are allowed - custom schemes are blocked for security

     

       175
        
       func TestIsMobileRedirectURI(t *testing.T) {

     

       176
        
       	tests := []struct {

     

       177
        
       		uri      string

     

       178
        
       		expected bool

     

       179
        
       	}{

     

       180
       -
       		{"https://coves.social/app/oauth/callback", true}, // Universal Link - allowed

     

       181
       -
       		{"coves-app://oauth/callback", false},             // Custom scheme - blocked (insecure)

     

       182
       -
       		{"coves://oauth/callback", false},                 // Custom scheme - blocked (insecure)

     

       183
       -
       		{"coves-app://callback", false},                   // Custom scheme - blocked

     

       184
       -
       		{"coves://oauth", false},                          // Custom scheme - blocked

     

       185
       -
       		{"myapp://oauth", false},                          // Not in allowlist

     

       186
       -
       		{"https://example.com", false},                    // Wrong domain

     

       187
       -
       		{"http://localhost", false},                       // HTTP not allowed

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       188
        
       		{"", false},

     

       189
        
       		{"not-a-uri", false},

     

       190
        
       	}

···

       171
        
       }

     

       172
        
       

     

       173
        
       // TestIsMobileRedirectURI tests mobile redirect URI validation with EXACT URI matching

     

       174
       +
       // Per atproto spec, custom schemes must match client_id hostname in reverse-domain order

     

       175
        
       func TestIsMobileRedirectURI(t *testing.T) {

     

       176
        
       	tests := []struct {

     

       177
        
       		uri      string

     

       178
        
       		expected bool

     

       179
        
       	}{

     

       180
       +
       		// Custom scheme per atproto spec (reverse domain of coves.social)

     

       181
       +
       		{"social.coves:/callback", true},

     

       182
       +
       		{"social.coves://callback", true},

     

       183
       +
       		{"social.coves:/oauth/callback", true},

     

       184
       +
       		{"social.coves://oauth/callback", true},

     

       185
       +
       		// Universal Link - allowed (strongest security)

     

       186
       +
       		{"https://coves.social/app/oauth/callback", true},

     

       187
       +
       		// Wrong custom schemes - not reverse-domain of coves.social

     

       188
       +
       		{"coves-app://oauth/callback", false},

     

       189
       +
       		{"coves://oauth/callback", false},

     

       190
       +
       		{"coves.social://callback", false}, // Not reversed

     

       191
       +
       		{"myapp://oauth", false},

     

       192
       +
       		// Wrong domain/scheme

     

       193
       +
       		{"https://example.com", false},

     

       194
       +
       		{"http://localhost", false},

     

       195
        
       		{"", false},

     

       196
        
       		{"not-a-uri", false},

     

       197
        
       	}

+41

internal/atproto/lexicon/social/coves/feed/vote/delete.json

···

       1
       +
       {

     

       2
       +
         "lexicon": 1,

     

       3
       +
         "id": "social.coves.feed.vote.delete",

     

       4
       +
         "defs": {

     

       5
       +
           "main": {

     

       6
       +
             "type": "procedure",

     

       7
       +
             "description": "Delete a vote on a post or comment",

     

       8
       +
             "input": {

     

       9
       +
               "encoding": "application/json",

     

       10
       +
               "schema": {

     

       11
       +
                 "type": "object",

     

       12
       +
                 "required": ["subject"],

     

       13
       +
                 "properties": {

     

       14
       +
                   "subject": {

     

       15
       +
                     "type": "ref",

     

       16
       +
                     "ref": "com.atproto.repo.strongRef",

     

       17
       +
                     "description": "Strong reference to the post or comment to remove the vote from"

     

       18
       +
                   }

     

       19
       +
                 }

     

       20
       +
               }

     

       21
       +
             },

     

       22
       +
             "output": {

     

       23
       +
               "encoding": "application/json",

     

       24
       +
               "schema": {

     

       25
       +
                 "type": "object",

     

       26
       +
                 "properties": {}

     

       27
       +
               }

     

       28
       +
             },

     

       29
       +
             "errors": [

     

       30
       +
               {

     

       31
       +
                 "name": "VoteNotFound",

     

       32
       +
                 "description": "No vote found for this subject"

     

       33
       +
               },

     

       34
       +
               {

     

       35
       +
                 "name": "NotAuthorized",

     

       36
       +
                 "description": "User is not authorized to delete this vote"

     

       37
       +
               }

     

       38
       +
             ]

     

       39
       +
           }

     

       40
       +
         }

     

       41
       +
       }

+115

internal/api/handlers/vote/create_vote.go

···

       1
       +
       package vote

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/middleware"

     

       5
       +
       	"Coves/internal/core/votes"

     

       6
       +
       	"encoding/json"

     

       7
       +
       	"log"

     

       8
       +
       	"net/http"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // CreateVoteHandler handles vote creation

     

       12
       +
       type CreateVoteHandler struct {

     

       13
       +
       	service votes.Service

     

       14
       +
       }

     

       15
       +
       

     

       16
       +
       // NewCreateVoteHandler creates a new create vote handler

     

       17
       +
       func NewCreateVoteHandler(service votes.Service) *CreateVoteHandler {

     

       18
       +
       	return &CreateVoteHandler{

     

       19
       +
       		service: service,

     

       20
       +
       	}

     

       21
       +
       }

     

       22
       +
       

     

       23
       +
       // CreateVoteInput represents the request body for creating a vote

     

       24
       +
       type CreateVoteInput struct {

     

       25
       +
       	Subject struct {

     

       26
       +
       		URI string `json:"uri"`

     

       27
       +
       		CID string `json:"cid"`

     

       28
       +
       	} `json:"subject"`

     

       29
       +
       	Direction string `json:"direction"`

     

       30
       +
       }

     

       31
       +
       

     

       32
       +
       // CreateVoteOutput represents the response body for creating a vote

     

       33
       +
       type CreateVoteOutput struct {

     

       34
       +
       	URI string `json:"uri"`

     

       35
       +
       	CID string `json:"cid"`

     

       36
       +
       }

     

       37
       +
       

     

       38
       +
       // HandleCreateVote creates a vote on a post or comment

     

       39
       +
       // POST /xrpc/social.coves.vote.create

     

       40
       +
       //

     

       41
       +
       // Request body: { "subject": { "uri": "at://...", "cid": "..." }, "direction": "up" }

     

       42
       +
       // Response: { "uri": "at://...", "cid": "..." }

     

       43
       +
       //

     

       44
       +
       // Behavior:

     

       45
       +
       // - If no vote exists: creates new vote with given direction

     

       46
       +
       // - If vote exists with same direction: deletes vote (toggle off)

     

       47
       +
       // - If vote exists with different direction: updates to new direction

     

       48
       +
       func (h *CreateVoteHandler) HandleCreateVote(w http.ResponseWriter, r *http.Request) {

     

       49
       +
       	if r.Method != http.MethodPost {

     

       50
       +
       		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)

     

       51
       +
       		return

     

       52
       +
       	}

     

       53
       +
       

     

       54
       +
       	// Parse request body

     

       55
       +
       	var input CreateVoteInput

     

       56
       +
       	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {

     

       57
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Invalid request body")

     

       58
       +
       		return

     

       59
       +
       	}

     

       60
       +
       

     

       61
       +
       	// Validate required fields

     

       62
       +
       	if input.Subject.URI == "" {

     

       63
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "subject.uri is required")

     

       64
       +
       		return

     

       65
       +
       	}

     

       66
       +
       	if input.Subject.CID == "" {

     

       67
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "subject.cid is required")

     

       68
       +
       		return

     

       69
       +
       	}

     

       70
       +
       	if input.Direction == "" {

     

       71
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "direction is required")

     

       72
       +
       		return

     

       73
       +
       	}

     

       74
       +
       

     

       75
       +
       	// Validate direction

     

       76
       +
       	if input.Direction != "up" && input.Direction != "down" {

     

       77
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "direction must be 'up' or 'down'")

     

       78
       +
       		return

     

       79
       +
       	}

     

       80
       +
       

     

       81
       +
       	// Get OAuth session from context (injected by auth middleware)

     

       82
       +
       	session := middleware.GetOAuthSession(r)

     

       83
       +
       	if session == nil {

     

       84
       +
       		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")

     

       85
       +
       		return

     

       86
       +
       	}

     

       87
       +
       

     

       88
       +
       	// Create vote request

     

       89
       +
       	req := votes.CreateVoteRequest{

     

       90
       +
       		Subject: votes.StrongRef{

     

       91
       +
       			URI: input.Subject.URI,

     

       92
       +
       			CID: input.Subject.CID,

     

       93
       +
       		},

     

       94
       +
       		Direction: input.Direction,

     

       95
       +
       	}

     

       96
       +
       

     

       97
       +
       	// Call service to create vote

     

       98
       +
       	response, err := h.service.CreateVote(r.Context(), session, req)

     

       99
       +
       	if err != nil {

     

       100
       +
       		handleServiceError(w, err)

     

       101
       +
       		return

     

       102
       +
       	}

     

       103
       +
       

     

       104
       +
       	// Return success response

     

       105
       +
       	output := CreateVoteOutput{

     

       106
       +
       		URI: response.URI,

     

       107
       +
       		CID: response.CID,

     

       108
       +
       	}

     

       109
       +
       

     

       110
       +
       	w.Header().Set("Content-Type", "application/json")

     

       111
       +
       	w.WriteHeader(http.StatusOK)

     

       112
       +
       	if err := json.NewEncoder(w).Encode(output); err != nil {

     

       113
       +
       		log.Printf("Failed to encode response: %v", err)

     

       114
       +
       	}

     

       115
       +
       }

+93

internal/api/handlers/vote/delete_vote.go

···

       1
       +
       package vote

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/middleware"

     

       5
       +
       	"Coves/internal/core/votes"

     

       6
       +
       	"encoding/json"

     

       7
       +
       	"log"

     

       8
       +
       	"net/http"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // DeleteVoteHandler handles vote deletion

     

       12
       +
       type DeleteVoteHandler struct {

     

       13
       +
       	service votes.Service

     

       14
       +
       }

     

       15
       +
       

     

       16
       +
       // NewDeleteVoteHandler creates a new delete vote handler

     

       17
       +
       func NewDeleteVoteHandler(service votes.Service) *DeleteVoteHandler {

     

       18
       +
       	return &DeleteVoteHandler{

     

       19
       +
       		service: service,

     

       20
       +
       	}

     

       21
       +
       }

     

       22
       +
       

     

       23
       +
       // DeleteVoteInput represents the request body for deleting a vote

     

       24
       +
       type DeleteVoteInput struct {

     

       25
       +
       	Subject struct {

     

       26
       +
       		URI string `json:"uri"`

     

       27
       +
       		CID string `json:"cid"`

     

       28
       +
       	} `json:"subject"`

     

       29
       +
       }

     

       30
       +
       

     

       31
       +
       // DeleteVoteOutput represents the response body for deleting a vote

     

       32
       +
       // Per lexicon: output is an empty object

     

       33
       +
       type DeleteVoteOutput struct{}

     

       34
       +
       

     

       35
       +
       // HandleDeleteVote removes a vote from a post or comment

     

       36
       +
       // POST /xrpc/social.coves.vote.delete

     

       37
       +
       //

     

       38
       +
       // Request body: { "subject": { "uri": "at://...", "cid": "..." } }

     

       39
       +
       // Response: { "success": true }

     

       40
       +
       func (h *DeleteVoteHandler) HandleDeleteVote(w http.ResponseWriter, r *http.Request) {

     

       41
       +
       	if r.Method != http.MethodPost {

     

       42
       +
       		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)

     

       43
       +
       		return

     

       44
       +
       	}

     

       45
       +
       

     

       46
       +
       	// Parse request body

     

       47
       +
       	var input DeleteVoteInput

     

       48
       +
       	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {

     

       49
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Invalid request body")

     

       50
       +
       		return

     

       51
       +
       	}

     

       52
       +
       

     

       53
       +
       	// Validate required fields

     

       54
       +
       	if input.Subject.URI == "" {

     

       55
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "subject.uri is required")

     

       56
       +
       		return

     

       57
       +
       	}

     

       58
       +
       	if input.Subject.CID == "" {

     

       59
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "subject.cid is required")

     

       60
       +
       		return

     

       61
       +
       	}

     

       62
       +
       

     

       63
       +
       	// Get OAuth session from context (injected by auth middleware)

     

       64
       +
       	session := middleware.GetOAuthSession(r)

     

       65
       +
       	if session == nil {

     

       66
       +
       		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")

     

       67
       +
       		return

     

       68
       +
       	}

     

       69
       +
       

     

       70
       +
       	// Create delete vote request

     

       71
       +
       	req := votes.DeleteVoteRequest{

     

       72
       +
       		Subject: votes.StrongRef{

     

       73
       +
       			URI: input.Subject.URI,

     

       74
       +
       			CID: input.Subject.CID,

     

       75
       +
       		},

     

       76
       +
       	}

     

       77
       +
       

     

       78
       +
       	// Call service to delete vote

     

       79
       +
       	err := h.service.DeleteVote(r.Context(), session, req)

     

       80
       +
       	if err != nil {

     

       81
       +
       		handleServiceError(w, err)

     

       82
       +
       		return

     

       83
       +
       	}

     

       84
       +
       

     

       85
       +
       	// Return success response (empty object per lexicon)

     

       86
       +
       	output := DeleteVoteOutput{}

     

       87
       +
       

     

       88
       +
       	w.Header().Set("Content-Type", "application/json")

     

       89
       +
       	w.WriteHeader(http.StatusOK)

     

       90
       +
       	if err := json.NewEncoder(w).Encode(output); err != nil {

     

       91
       +
       		log.Printf("Failed to encode response: %v", err)

     

       92
       +
       	}

     

       93
       +
       }

+24

internal/api/routes/vote.go

···

       1
       +
       package routes

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/handlers/vote"

     

       5
       +
       	"Coves/internal/api/middleware"

     

       6
       +
       	"Coves/internal/core/votes"

     

       7
       +
       

     

       8
       +
       	"github.com/go-chi/chi/v5"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // RegisterVoteRoutes registers vote-related XRPC endpoints on the router

     

       12
       +
       // Implements social.coves.feed.vote.* lexicon endpoints

     

       13
       +
       func RegisterVoteRoutes(r chi.Router, voteService votes.Service, authMiddleware *middleware.OAuthAuthMiddleware) {

     

       14
       +
       	// Initialize handlers

     

       15
       +
       	createHandler := vote.NewCreateVoteHandler(voteService)

     

       16
       +
       	deleteHandler := vote.NewDeleteVoteHandler(voteService)

     

       17
       +
       

     

       18
       +
       	// Procedure endpoints (POST) - require authentication

     

       19
       +
       	// social.coves.feed.vote.create - create or update a vote on a post/comment

     

       20
       +
       	r.With(authMiddleware.RequireAuth).Post("/xrpc/social.coves.feed.vote.create", createHandler.HandleCreateVote)

     

       21
       +
       

     

       22
       +
       	// social.coves.feed.vote.delete - delete a vote from a post/comment

     

       23
       +
       	r.With(authMiddleware.RequireAuth).Post("/xrpc/social.coves.feed.vote.delete", deleteHandler.HandleDeleteVote)

     

       24
       +
       }

+16

tests/integration/helpers.go

···

       322
        
       

     

       323
        
       // AddSession adds a session to the store

     

       324
        
       func (m *MockOAuthStore) AddSession(did, sessionID, accessToken string) {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       325
        
       	key := did + ":" + sessionID

     

       326
        
       	parsedDID, _ := syntax.ParseDID(did)

     

       327
        
       	m.sessions[key] = &oauthlib.ClientSessionData{

     

       328
        
       		AccountDID:  parsedDID,

     

       329
        
       		SessionID:   sessionID,

     

       330
        
       		AccessToken: accessToken,

     

       0
        
       
     

       331
        
       	}

     

       332
        
       }

     

       333
        
       

     
···

       409
        
       	e.store.AddSession(did, sessionID, "access-token-"+did)

     

       410
        
       	return token

     

       411
        
       }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       322
        
       

     

       323
        
       // AddSession adds a session to the store

     

       324
        
       func (m *MockOAuthStore) AddSession(did, sessionID, accessToken string) {

     

       325
       +
       	m.AddSessionWithPDS(did, sessionID, accessToken, getTestPDSURL())

     

       326
       +
       }

     

       327
       +
       

     

       328
       +
       // AddSessionWithPDS adds a session to the store with a specific PDS URL

     

       329
       +
       func (m *MockOAuthStore) AddSessionWithPDS(did, sessionID, accessToken, pdsURL string) {

     

       330
        
       	key := did + ":" + sessionID

     

       331
        
       	parsedDID, _ := syntax.ParseDID(did)

     

       332
        
       	m.sessions[key] = &oauthlib.ClientSessionData{

     

       333
        
       		AccountDID:  parsedDID,

     

       334
        
       		SessionID:   sessionID,

     

       335
        
       		AccessToken: accessToken,

     

       336
       +
       		HostURL:     pdsURL,

     

       337
        
       	}

     

       338
        
       }

     

       339
        
       

     
···

       415
        
       	e.store.AddSession(did, sessionID, "access-token-"+did)

     

       416
        
       	return token

     

       417
        
       }

     

       418
       +
       

     

       419
       +
       // AddUserWithPDSToken registers a user with their real PDS access token

     

       420
       +
       // Use this for E2E tests that need to write to the real PDS

     

       421
       +
       func (e *E2EOAuthMiddleware) AddUserWithPDSToken(did, pdsAccessToken, pdsURL string) string {

     

       422
       +
       	token := "test-token-" + did

     

       423
       +
       	sessionID := "session-" + did

     

       424
       +
       	e.unsealer.AddSession(token, did, sessionID)

     

       425
       +
       	e.store.AddSessionWithPDS(did, sessionID, pdsAccessToken, pdsURL)

     

       426
       +
       	return token

     

       427
       +
       }

+3

.beads/beads.left.jsonl

···

       1
       +
       {"id":"Coves-95q","content_hash":"8ec99d598f067780436b985f9ad57f0fa19632026981038df4f65f192186620b","title":"Add comprehensive API documentation","description":"","status":"open","priority":2,"issue_type":"task","created_at":"2025-11-17T20:30:34.835721854-08:00","updated_at":"2025-11-17T20:30:34.835721854-08:00","source_repo":".","dependencies":[{"issue_id":"Coves-95q","depends_on_id":"Coves-e16","type":"blocks","created_at":"2025-11-17T20:30:46.273899399-08:00","created_by":"daemon"}]}

     

       2
       +
       {"id":"Coves-e16","content_hash":"7c5d0fc8f0e7f626be3dad62af0e8412467330bad01a244e5a7e52ac5afff1c1","title":"Complete post creation and moderation features","description":"","status":"open","priority":1,"issue_type":"feature","created_at":"2025-11-17T20:30:12.885991306-08:00","updated_at":"2025-11-17T20:30:12.885991306-08:00","source_repo":"."}

     

       3
       +
       {"id":"Coves-fce","content_hash":"26b3e16b99f827316ee0d741cc959464bd0c813446c95aef8105c7fd1e6b09ff","title":"Implement aggregator feed federation","description":"","status":"open","priority":1,"issue_type":"feature","created_at":"2025-11-17T20:30:21.453326012-08:00","updated_at":"2025-11-17T20:30:21.453326012-08:00","source_repo":"."}

+1

.beads/beads.left.meta.json

···

       0

···

       1
       +
       {"version":"0.23.1","timestamp":"2025-12-02T18:25:24.009187871-08:00","commit":"00d7d8d"}

+5 -28

cmd/server/main.go

···

       393
        
       	commentRepo := postgresRepo.NewCommentRepository(db)

     

       394
        
       	log.Println("✅ Comment repository initialized (Jetstream indexing only)")

     

       395
        
       

     

       396
       -
       	// Initialize subject validator for votes (checks posts and comments exist)

     

       397
       -
       	subjectValidator := votes.NewCompositeSubjectValidator(

     

       398
       -
       		// Post existence checker

     

       399
       -
       		func(ctx context.Context, uri string) (bool, error) {

     

       400
       -
       			_, err := postRepo.GetByURI(ctx, uri)

     

       401
       -
       			if err != nil {

     

       402
       -
       				if err == posts.ErrNotFound {

     

       403
       -
       					return false, nil

     

       404
       -
       				}

     

       405
       -
       				return false, err

     

       406
       -
       			}

     

       407
       -
       			return true, nil

     

       408
       -
       		},

     

       409
       -
       		// Comment existence checker

     

       410
       -
       		func(ctx context.Context, uri string) (bool, error) {

     

       411
       -
       			_, err := commentRepo.GetByURI(ctx, uri)

     

       412
       -
       			if err != nil {

     

       413
       -
       				if err == comments.ErrCommentNotFound {

     

       414
       -
       					return false, nil

     

       415
       -
       				}

     

       416
       -
       				return false, err

     

       417
       -
       			}

     

       418
       -
       			return true, nil

     

       419
       -
       		},

     

       420
       -
       	)

     

       421
       -
       

     

       422
        
       	// Initialize vote service (for XRPC API endpoints)

     

       423
       -
       	voteService := votes.NewService(voteRepo, subjectValidator, oauthClient, oauthStore, nil)

     

       424
       -
       	log.Println("✅ Vote service initialized (with OAuth authentication and subject validation)")

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       425
        
       

     

       426
        
       	// Initialize comment service (for query API)

     

       427
        
       	// Requires user and community repos for proper author/community hydration per lexicon

···

       393
        
       	commentRepo := postgresRepo.NewCommentRepository(db)

     

       394
        
       	log.Println("✅ Comment repository initialized (Jetstream indexing only)")

     

       395
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       396
        
       	// Initialize vote service (for XRPC API endpoints)

     

       397
       +
       	// Note: We don't validate subject existence - the vote goes to the user's PDS regardless.

     

       398
       +
       	// The Jetstream consumer handles orphaned votes correctly by only updating counts for

     

       399
       +
       	// non-deleted subjects. This avoids race conditions and eventual consistency issues.

     

       400
       +
       	voteService := votes.NewService(voteRepo, oauthClient, oauthStore, nil)

     

       401
       +
       	log.Println("✅ Vote service initialized (with OAuth authentication)")

     

       402
        
       

     

       403
        
       	// Initialize comment service (for query API)

     

       404
        
       	// Requires user and community repos for proper author/community hydration per lexicon

-3

internal/api/handlers/vote/errors.go

···

       34
        
       	case errors.Is(err, votes.ErrVoteNotFound):

     

       35
        
       		// Matches: social.coves.feed.vote.delete#VoteNotFound

     

       36
        
       		writeError(w, http.StatusNotFound, "VoteNotFound", "No vote found for this subject")

     

       37
       -
       	case errors.Is(err, votes.ErrSubjectNotFound):

     

       38
       -
       		// Matches: social.coves.feed.vote.create#SubjectNotFound

     

       39
       -
       		writeError(w, http.StatusNotFound, "SubjectNotFound", "The subject post or comment was not found")

     

       40
        
       	case errors.Is(err, votes.ErrInvalidDirection):

     

       41
        
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Vote direction must be 'up' or 'down'")

     

       42
        
       	case errors.Is(err, votes.ErrInvalidSubject):

···

       34
        
       	case errors.Is(err, votes.ErrVoteNotFound):

     

       35
        
       		// Matches: social.coves.feed.vote.delete#VoteNotFound

     

       36
        
       		writeError(w, http.StatusNotFound, "VoteNotFound", "No vote found for this subject")

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       37
        
       	case errors.Is(err, votes.ErrInvalidDirection):

     

       38
        
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Vote direction must be 'up' or 'down'")

     

       39
        
       	case errors.Is(err, votes.ErrInvalidSubject):

-3

internal/core/votes/errors.go

···

       6
        
       	// ErrVoteNotFound indicates the requested vote doesn't exist

     

       7
        
       	ErrVoteNotFound = errors.New("vote not found")

     

       8
        
       

     

       9
       -
       	// ErrSubjectNotFound indicates the post/comment being voted on doesn't exist

     

       10
       -
       	ErrSubjectNotFound = errors.New("subject not found")

     

       11
       -
       

     

       12
        
       	// ErrInvalidDirection indicates the vote direction is not "up" or "down"

     

       13
        
       	ErrInvalidDirection = errors.New("invalid vote direction: must be 'up' or 'down'")

     

       14

···

       6
        
       	// ErrVoteNotFound indicates the requested vote doesn't exist

     

       7
        
       	ErrVoteNotFound = errors.New("vote not found")

     

       8
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       9
        
       	// ErrInvalidDirection indicates the vote direction is not "up" or "down"

     

       10
        
       	ErrInvalidDirection = errors.New("invalid vote direction: must be 'up' or 'down'")

     

       11

+14 -27

internal/core/votes/service_impl.go

···

       19
        
       

     

       20
        
       // voteService implements the Service interface for vote operations

     

       21
        
       type voteService struct {

     

       22
       -
       	repo             Repository

     

       23
       -
       	subjectValidator SubjectValidator

     

       24
       -
       	oauthClient      *oauthclient.OAuthClient

     

       25
       -
       	oauthStore       oauth.ClientAuthStore

     

       26
       -
       	logger           *slog.Logger

     

       27
        
       }

     

       28
        
       

     

       29
        
       // NewService creates a new vote service instance

     

       30
       -
       // subjectValidator can be nil to skip subject existence checks (not recommended for production)

     

       31
       -
       func NewService(repo Repository, subjectValidator SubjectValidator, oauthClient *oauthclient.OAuthClient, oauthStore oauth.ClientAuthStore, logger *slog.Logger) Service {

     

       32
        
       	if logger == nil {

     

       33
        
       		logger = slog.Default()

     

       34
        
       	}

     

       35
        
       	return &voteService{

     

       36
       -
       		repo:             repo,

     

       37
       -
       		subjectValidator: subjectValidator,

     

       38
       -
       		oauthClient:      oauthClient,

     

       39
       -
       		oauthStore:       oauthStore,

     

       40
       -
       		logger:           logger,

     

       41
        
       	}

     

       42
        
       }

     

       43
        
       

     
···

       65
        
       		return nil, ErrInvalidSubject

     

       66
        
       	}

     

       67
        
       

     

       68
       -
       	// Validate subject exists in AppView (post or comment)

     

       69
       -
       	// This prevents creating votes on non-existent content

     

       70
       -
       	if s.subjectValidator != nil {

     

       71
       -
       		exists, err := s.subjectValidator.SubjectExists(ctx, req.Subject.URI)

     

       72
       -
       		if err != nil {

     

       73
       -
       			s.logger.Error("failed to validate subject existence",

     

       74
       -
       				"error", err,

     

       75
       -
       				"subject", req.Subject.URI)

     

       76
       -
       			return nil, fmt.Errorf("failed to validate subject: %w", err)

     

       77
       -
       		}

     

       78
       -
       		if !exists {

     

       79
       -
       			return nil, ErrSubjectNotFound

     

       80
       -
       		}

     

       81
       -
       	}

     

       82
        
       

     

       83
        
       	// Check for existing vote by querying PDS directly (source of truth)

     

       84
        
       	// This avoids eventual consistency issues with the AppView database

     
···

       284
        
       

     

       285
        
       		// Parse the listRecords response

     

       286
        
       		var result struct {

     

       0
        
       
     

       287
        
       			Records []struct {

     

       288
        
       				URI   string `json:"uri"`

     

       289
        
       				CID   string `json:"cid"`

     
···

       297
        
       					CreatedAt string `json:"createdAt"`

     

       298
        
       				} `json:"value"`

     

       299
        
       			} `json:"records"`

     

       300
       -
       			Cursor string `json:"cursor"`

     

       301
        
       		}

     

       302
        
       

     

       303
        
       		if err := json.Unmarshal(body, &result); err != nil {

···

       19
        
       

     

       20
        
       // voteService implements the Service interface for vote operations

     

       21
        
       type voteService struct {

     

       22
       +
       	repo        Repository

     

       23
       +
       	oauthClient *oauthclient.OAuthClient

     

       24
       +
       	oauthStore  oauth.ClientAuthStore

     

       25
       +
       	logger      *slog.Logger

     

       0
        
       
     

       26
        
       }

     

       27
        
       

     

       28
        
       // NewService creates a new vote service instance

     

       29
       +
       func NewService(repo Repository, oauthClient *oauthclient.OAuthClient, oauthStore oauth.ClientAuthStore, logger *slog.Logger) Service {

     

       0
        
       
     

       30
        
       	if logger == nil {

     

       31
        
       		logger = slog.Default()

     

       32
        
       	}

     

       33
        
       	return &voteService{

     

       34
       +
       		repo:        repo,

     

       35
       +
       		oauthClient: oauthClient,

     

       36
       +
       		oauthStore:  oauthStore,

     

       37
       +
       		logger:      logger,

     

       0
        
       
     

       38
        
       	}

     

       39
        
       }

     

       40
        
       

     
···

       62
        
       		return nil, ErrInvalidSubject

     

       63
        
       	}

     

       64
        
       

     

       65
       +
       	// Note: We intentionally don't validate subject existence here.

     

       66
       +
       	// The vote record goes to the user's PDS regardless. The Jetstream consumer

     

       67
       +
       	// handles orphaned votes correctly by only updating counts for non-deleted subjects.

     

       68
       +
       	// This avoids race conditions and eventual consistency issues.

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       69
        
       

     

       70
        
       	// Check for existing vote by querying PDS directly (source of truth)

     

       71
        
       	// This avoids eventual consistency issues with the AppView database

     
···

       271
        
       

     

       272
        
       		// Parse the listRecords response

     

       273
        
       		var result struct {

     

       274
       +
       			Cursor  string `json:"cursor"`

     

       275
        
       			Records []struct {

     

       276
        
       				URI   string `json:"uri"`

     

       277
        
       				CID   string `json:"cid"`

     
···

       285
        
       					CreatedAt string `json:"createdAt"`

     

       286
        
       				} `json:"value"`

     

       287
        
       			} `json:"records"`

     

       0
        
       
     

       288
        
       		}

     

       289
        
       

     

       290
        
       		if err := json.Unmarshal(body, &result); err != nil {

+3 -2

internal/db/postgres/vote_repo.go

···

       64
        
       	return nil

     

       65
        
       }

     

       66
        
       

     

       67
       -
       // GetByURI retrieves a vote by its AT-URI

     

       68
        
       // Used by Jetstream consumer for DELETE operations

     

       0
        
       
     

       69
        
       func (r *postgresVoteRepo) GetByURI(ctx context.Context, uri string) (*votes.Vote, error) {

     

       70
        
       	query := `

     

       71
        
       		SELECT

     
···

       73
        
       			subject_uri, subject_cid, direction,

     

       74
        
       			created_at, indexed_at, deleted_at

     

       75
        
       		FROM votes

     

       76
       -
       		WHERE uri = $1

     

       77
        
       	`

     

       78
        
       

     

       79
        
       	var vote votes.Vote

···

       64
        
       	return nil

     

       65
        
       }

     

       66
        
       

     

       67
       +
       // GetByURI retrieves an active vote by its AT-URI

     

       68
        
       // Used by Jetstream consumer for DELETE operations

     

       69
       +
       // Returns ErrVoteNotFound for soft-deleted votes

     

       70
        
       func (r *postgresVoteRepo) GetByURI(ctx context.Context, uri string) (*votes.Vote, error) {

     

       71
        
       	query := `

     

       72
        
       		SELECT

     
···

       74
        
       			subject_uri, subject_cid, direction,

     

       75
        
       			created_at, indexed_at, deleted_at

     

       76
        
       		FROM votes

     

       77
       +
       		WHERE uri = $1 AND deleted_at IS NULL

     

       78
        
       	`

     

       79
        
       

     

       80
        
       	var vote votes.Vote

Compare changes