comparing e2826acfa65504b336495683235852b9e86c2fc4 and main on bretton.dev/coves

.beads/beads.left.jsonl

···

       1
       +
       {"id":"Coves-95q","content_hash":"8ec99d598f067780436b985f9ad57f0fa19632026981038df4f65f192186620b","title":"Add comprehensive API documentation","description":"","status":"open","priority":2,"issue_type":"task","created_at":"2025-11-17T20:30:34.835721854-08:00","updated_at":"2025-11-17T20:30:34.835721854-08:00","source_repo":".","dependencies":[{"issue_id":"Coves-95q","depends_on_id":"Coves-e16","type":"blocks","created_at":"2025-11-17T20:30:46.273899399-08:00","created_by":"daemon"}]}

     

       2
       +
       {"id":"Coves-e16","content_hash":"7c5d0fc8f0e7f626be3dad62af0e8412467330bad01a244e5a7e52ac5afff1c1","title":"Complete post creation and moderation features","description":"","status":"open","priority":1,"issue_type":"feature","created_at":"2025-11-17T20:30:12.885991306-08:00","updated_at":"2025-11-17T20:30:12.885991306-08:00","source_repo":"."}

     

       3
       +
       {"id":"Coves-fce","content_hash":"26b3e16b99f827316ee0d741cc959464bd0c813446c95aef8105c7fd1e6b09ff","title":"Implement aggregator feed federation","description":"","status":"open","priority":1,"issue_type":"feature","created_at":"2025-11-17T20:30:21.453326012-08:00","updated_at":"2025-11-17T20:30:21.453326012-08:00","source_repo":"."}

.beads/beads.left.meta.json

···

       0

···

       1
       +
       {"version":"0.23.1","timestamp":"2025-12-02T18:25:24.009187871-08:00","commit":"00d7d8d"}

+2 -8

internal/api/handlers/vote/create_vote_test.go

···

       344
        
       

     

       345
        
       func TestCreateVoteHandler_ServiceError(t *testing.T) {

     

       346
        
       	tests := []struct {

     

       347
       -
       		name           string

     

       348
        
       		serviceError   error

     

       349
       -
       		expectedStatus int

     

       350
        
       		expectedError  string

     

       0
        
       
     

       351
        
       	}{

     

       352
       -
       		{

     

       353
       -
       			name:           "subject not found",

     

       354
       -
       			serviceError:   votes.ErrSubjectNotFound,

     

       355
       -
       			expectedStatus: http.StatusNotFound,

     

       356
       -
       			expectedError:  "SubjectNotFound", // Per lexicon: social.coves.feed.vote.create#SubjectNotFound

     

       357
       -
       		},

     

       358
        
       		{

     

       359
        
       			name:           "invalid direction",

     

       360
        
       			serviceError:   votes.ErrInvalidDirection,

···

       344
        
       

     

       345
        
       func TestCreateVoteHandler_ServiceError(t *testing.T) {

     

       346
        
       	tests := []struct {

     

       0
        
       
     

       347
        
       		serviceError   error

     

       348
       +
       		name           string

     

       349
        
       		expectedError  string

     

       350
       +
       		expectedStatus int

     

       351
        
       	}{

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       352
        
       		{

     

       353
        
       			name:           "invalid direction",

     

       354
        
       			serviceError:   votes.ErrInvalidDirection,

+2 -8

internal/api/handlers/vote/delete_vote_test.go

···

       239
        
       

     

       240
        
       func TestDeleteVoteHandler_ServiceError(t *testing.T) {

     

       241
        
       	tests := []struct {

     

       242
       -
       		name           string

     

       243
        
       		serviceError   error

     

       244
       -
       		expectedStatus int

     

       245
        
       		expectedError  string

     

       0
        
       
     

       246
        
       	}{

     

       247
        
       		{

     

       248
        
       			name:           "vote not found",

     
···

       250
        
       			expectedStatus: http.StatusNotFound,

     

       251
        
       			expectedError:  "VoteNotFound", // Per lexicon: social.coves.feed.vote.delete#VoteNotFound

     

       252
        
       		},

     

       253
       -
       		{

     

       254
       -
       			name:           "subject not found",

     

       255
       -
       			serviceError:   votes.ErrSubjectNotFound,

     

       256
       -
       			expectedStatus: http.StatusNotFound,

     

       257
       -
       			expectedError:  "SubjectNotFound", // Per lexicon: social.coves.feed.vote.create#SubjectNotFound

     

       258
       -
       		},

     

       259
        
       		{

     

       260
        
       			name:           "invalid subject",

     

       261
        
       			serviceError:   votes.ErrInvalidSubject,

···

       239
        
       

     

       240
        
       func TestDeleteVoteHandler_ServiceError(t *testing.T) {

     

       241
        
       	tests := []struct {

     

       0
        
       
     

       242
        
       		serviceError   error

     

       243
       +
       		name           string

     

       244
        
       		expectedError  string

     

       245
       +
       		expectedStatus int

     

       246
        
       	}{

     

       247
        
       		{

     

       248
        
       			name:           "vote not found",

     
···

       250
        
       			expectedStatus: http.StatusNotFound,

     

       251
        
       			expectedError:  "VoteNotFound", // Per lexicon: social.coves.feed.vote.delete#VoteNotFound

     

       252
        
       		},

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       253
        
       		{

     

       254
        
       			name:           "invalid subject",

     

       255
        
       			serviceError:   votes.ErrInvalidSubject,

-3

internal/api/handlers/vote/errors.go

···

       34
        
       	case errors.Is(err, votes.ErrVoteNotFound):

     

       35
        
       		// Matches: social.coves.feed.vote.delete#VoteNotFound

     

       36
        
       		writeError(w, http.StatusNotFound, "VoteNotFound", "No vote found for this subject")

     

       37
       -
       	case errors.Is(err, votes.ErrSubjectNotFound):

     

       38
       -
       		// Matches: social.coves.feed.vote.create#SubjectNotFound

     

       39
       -
       		writeError(w, http.StatusNotFound, "SubjectNotFound", "The subject post or comment was not found")

     

       40
        
       	case errors.Is(err, votes.ErrInvalidDirection):

     

       41
        
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Vote direction must be 'up' or 'down'")

     

       42
        
       	case errors.Is(err, votes.ErrInvalidSubject):

···

       34
        
       	case errors.Is(err, votes.ErrVoteNotFound):

     

       35
        
       		// Matches: social.coves.feed.vote.delete#VoteNotFound

     

       36
        
       		writeError(w, http.StatusNotFound, "VoteNotFound", "No vote found for this subject")

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       37
        
       	case errors.Is(err, votes.ErrInvalidDirection):

     

       38
        
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Vote direction must be 'up' or 'down'")

     

       39
        
       	case errors.Is(err, votes.ErrInvalidSubject):

+4 -4

internal/atproto/oauth/handlers_security.go

···

       25
        
       // - Android: Verified via /.well-known/assetlinks.json

     

       26
        
       var allowedMobileRedirectURIs = map[string]bool{

     

       27
        
       	// Custom scheme per atproto spec (reverse-domain of coves.social)

     

       28
       -
       	"social.coves:/callback":                  true,

     

       29
       -
       	"social.coves://callback":                 true, // Some platforms add double slash

     

       30
       -
       	"social.coves:/oauth/callback":            true, // Alternative path

     

       31
       -
       	"social.coves://oauth/callback":           true,

     

       32
        
       	// Universal Links - cryptographically bound to app (preferred for security)

     

       33
        
       	"https://coves.social/app/oauth/callback": true,

     

       34
        
       }

···

       25
        
       // - Android: Verified via /.well-known/assetlinks.json

     

       26
        
       var allowedMobileRedirectURIs = map[string]bool{

     

       27
        
       	// Custom scheme per atproto spec (reverse-domain of coves.social)

     

       28
       +
       	"social.coves:/callback":        true,

     

       29
       +
       	"social.coves://callback":       true, // Some platforms add double slash

     

       30
       +
       	"social.coves:/oauth/callback":  true, // Alternative path

     

       31
       +
       	"social.coves://oauth/callback": true,

     

       32
        
       	// Universal Links - cryptographically bound to app (preferred for security)

     

       33
        
       	"https://coves.social/app/oauth/callback": true,

     

       34
        
       }

-3

internal/core/votes/errors.go

···

       6
        
       	// ErrVoteNotFound indicates the requested vote doesn't exist

     

       7
        
       	ErrVoteNotFound = errors.New("vote not found")

     

       8
        
       

     

       9
       -
       	// ErrSubjectNotFound indicates the post/comment being voted on doesn't exist

     

       10
       -
       	ErrSubjectNotFound = errors.New("subject not found")

     

       11
       -
       

     

       12
        
       	// ErrInvalidDirection indicates the vote direction is not "up" or "down"

     

       13
        
       	ErrInvalidDirection = errors.New("invalid vote direction: must be 'up' or 'down'")

     

       14

···

       6
        
       	// ErrVoteNotFound indicates the requested vote doesn't exist

     

       7
        
       	ErrVoteNotFound = errors.New("vote not found")

     

       8
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       9
        
       	// ErrInvalidDirection indicates the vote direction is not "up" or "down"

     

       10
        
       	ErrInvalidDirection = errors.New("invalid vote direction: must be 'up' or 'down'")

     

       11

-50

internal/core/votes/subject_validator.go

···

       1
       -
       package votes

     

       2
       -
       

     

       3
       -
       import (

     

       4
       -
       	"context"

     

       5
       -
       	"strings"

     

       6
       -
       )

     

       7
       -
       

     

       8
       -
       // SubjectExistsFunc is a function type that checks if a subject exists

     

       9
       -
       type SubjectExistsFunc func(ctx context.Context, uri string) (bool, error)

     

       10
       -
       

     

       11
       -
       // CompositeSubjectValidator validates subjects by checking both posts and comments

     

       12
       -
       type CompositeSubjectValidator struct {

     

       13
       -
       	postExists    SubjectExistsFunc

     

       14
       -
       	commentExists SubjectExistsFunc

     

       15
       -
       }

     

       16
       -
       

     

       17
       -
       // NewCompositeSubjectValidator creates a validator that checks both posts and comments

     

       18
       -
       // Pass nil for either function to skip validation for that type

     

       19
       -
       func NewCompositeSubjectValidator(postExists, commentExists SubjectExistsFunc) *CompositeSubjectValidator {

     

       20
       -
       	return &CompositeSubjectValidator{

     

       21
       -
       		postExists:    postExists,

     

       22
       -
       		commentExists: commentExists,

     

       23
       -
       	}

     

       24
       -
       }

     

       25
       -
       

     

       26
       -
       // SubjectExists checks if a post or comment exists at the given URI

     

       27
       -
       // Determines type from the collection in the URI (e.g., social.coves.feed.post vs social.coves.feed.comment)

     

       28
       -
       func (v *CompositeSubjectValidator) SubjectExists(ctx context.Context, uri string) (bool, error) {

     

       29
       -
       	// Parse collection from AT-URI: at://did/collection/rkey

     

       30
       -
       	// Example: at://did:plc:xxx/social.coves.feed.post/abc123

     

       31
       -
       	if strings.Contains(uri, "/social.coves.feed.post/") {

     

       32
       -
       		if v.postExists != nil {

     

       33
       -
       			return v.postExists(ctx, uri)

     

       34
       -
       		}

     

       35
       -
       		// If no post checker, assume exists (for testing)

     

       36
       -
       		return true, nil

     

       37
       -
       	}

     

       38
       -
       

     

       39
       -
       	if strings.Contains(uri, "/social.coves.feed.comment/") {

     

       40
       -
       		if v.commentExists != nil {

     

       41
       -
       			return v.commentExists(ctx, uri)

     

       42
       -
       		}

     

       43
       -
       		// If no comment checker, assume exists (for testing)

     

       44
       -
       		return true, nil

     

       45
       -
       	}

     

       46
       -
       

     

       47
       -
       	// Unknown collection type - could be from another app

     

       48
       -
       	// For now, allow voting on unknown types (future-proofing)

     

       49
       -
       	return true, nil

     

       50
       -
       }

-9

internal/core/votes/vote.go

···

       1
        
       package votes

     

       2
        
       

     

       3
        
       import (

     

       4
       -
       	"context"

     

       5
        
       	"time"

     

       6
        
       )

     

       7
        
       

     

       8
       -
       // SubjectValidator validates that vote subjects (posts/comments) exist

     

       9
       -
       // This prevents creating votes on non-existent content

     

       10
       -
       type SubjectValidator interface {

     

       11
       -
       	// SubjectExists checks if a post or comment exists at the given URI

     

       12
       -
       	// Returns true if found, false if not found

     

       13
       -
       	SubjectExists(ctx context.Context, uri string) (bool, error)

     

       14
       -
       }

     

       15
       -
       

     

       16
        
       // Vote represents a vote in the AppView database

     

       17
        
       // Votes are indexed from the firehose after being written to user repositories

     

       18
        
       type Vote struct {

···

       1
        
       package votes

     

       2
        
       

     

       3
        
       import (

     

       0
        
       
     

       4
        
       	"time"

     

       5
        
       )

     

       6
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       7
        
       // Vote represents a vote in the AppView database

     

       8
        
       // Votes are indexed from the firehose after being written to user repositories

     

       9
        
       type Vote struct {

+3 -2

internal/db/postgres/vote_repo.go

···

       64
        
       	return nil

     

       65
        
       }

     

       66
        
       

     

       67
       -
       // GetByURI retrieves a vote by its AT-URI

     

       68
        
       // Used by Jetstream consumer for DELETE operations

     

       0
        
       
     

       69
        
       func (r *postgresVoteRepo) GetByURI(ctx context.Context, uri string) (*votes.Vote, error) {

     

       70
        
       	query := `

     

       71
        
       		SELECT

     
···

       73
        
       			subject_uri, subject_cid, direction,

     

       74
        
       			created_at, indexed_at, deleted_at

     

       75
        
       		FROM votes

     

       76
       -
       		WHERE uri = $1

     

       77
        
       	`

     

       78
        
       

     

       79
        
       	var vote votes.Vote

···

       64
        
       	return nil

     

       65
        
       }

     

       66
        
       

     

       67
       +
       // GetByURI retrieves an active vote by its AT-URI

     

       68
        
       // Used by Jetstream consumer for DELETE operations

     

       69
       +
       // Returns ErrVoteNotFound for soft-deleted votes

     

       70
        
       func (r *postgresVoteRepo) GetByURI(ctx context.Context, uri string) (*votes.Vote, error) {

     

       71
        
       	query := `

     

       72
        
       		SELECT

     
···

       74
        
       			subject_uri, subject_cid, direction,

     

       75
        
       			created_at, indexed_at, deleted_at

     

       76
        
       		FROM votes

     

       77
       +
       		WHERE uri = $1 AND deleted_at IS NULL

     

       78
        
       	`

     

       79
        
       

     

       80
        
       	var vote votes.Vote

+18

.env.dev

···

       181
        
       #

     

       182
        
       PLC_DIRECTORY_URL=http://localhost:3002

     

       183
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       184
        
       # =============================================================================

     

       185
        
       # Notes

     

       186
        
       # =============================================================================

···

       181
        
       #

     

       182
        
       PLC_DIRECTORY_URL=http://localhost:3002

     

       183
        
       

     

       184
       +
       # =============================================================================

     

       185
       +
       # Dev Mode Quick Reference

     

       186
       +
       # =============================================================================

     

       187
       +
       # REQUIRED for local OAuth to work with local PDS:

     

       188
       +
       #   IS_DEV_ENV=true              # Master switch for dev mode

     

       189
       +
       #   PDS_URL=http://localhost:3001  # Local PDS for handle resolution

     

       190
       +
       #   PLC_DIRECTORY_URL=http://localhost:3002  # Local PLC directory

     

       191
       +
       #   APPVIEW_PUBLIC_URL=http://127.0.0.1:8081  # Use IP not localhost (RFC 8252)

     

       192
       +
       #

     

       193
       +
       # BUILD TAGS:

     

       194
       +
       #   make run      - Runs with -tags dev (includes localhost OAuth resolvers)

     

       195
       +
       #   make build    - Production binary (no dev code)

     

       196
       +
       #   make build-dev - Dev binary (includes dev code)

     

       197
       +
       #

     

       198
       +
       # Dev-only code (only compiled with -tags dev):

     

       199
       +
       #   - internal/atproto/oauth/dev_resolver.go (handle resolution via local PDS)

     

       200
       +
       #   - internal/atproto/oauth/dev_auth_resolver.go (localhost OAuth bypass)

     

       201
       +
       #

     

       202
        
       # =============================================================================

     

       203
        
       # Notes

     

       204
        
       # =============================================================================

+92

.env.dev.example

···

       1
       +
       # Coves Local Development Environment Configuration

     

       2
       +
       # Copy this to .env.dev and fill in your values

     

       3
       +
       #

     

       4
       +
       # Quick Start:

     

       5
       +
       #   1. cp .env.dev.example .env.dev

     

       6
       +
       #   2. Generate OAuth key: go run cmd/genjwks/main.go (copy output to OAUTH_PRIVATE_JWK)

     

       7
       +
       #   3. Generate cookie secret: openssl rand -hex 32

     

       8
       +
       #   4. make dev-up  # Start Docker services

     

       9
       +
       #   5. make run     # Start the server (uses -tags dev)

     

       10
       +
       

     

       11
       +
       # =============================================================================

     

       12
       +
       # Dev Mode Quick Reference

     

       13
       +
       # =============================================================================

     

       14
       +
       # REQUIRED for local OAuth to work with local PDS:

     

       15
       +
       #   IS_DEV_ENV=true              # Master switch for dev mode

     

       16
       +
       #   PDS_URL=http://localhost:3001  # Local PDS for handle resolution

     

       17
       +
       #   PLC_DIRECTORY_URL=http://localhost:3002  # Local PLC directory

     

       18
       +
       #   APPVIEW_PUBLIC_URL=http://127.0.0.1:8081  # Use IP not localhost (RFC 8252)

     

       19
       +
       #

     

       20
       +
       # BUILD TAGS:

     

       21
       +
       #   make run      - Runs with -tags dev (includes localhost OAuth resolvers)

     

       22
       +
       #   make build    - Production binary (no dev code)

     

       23
       +
       #   make build-dev - Dev binary (includes dev code)

     

       24
       +
       

     

       25
       +
       # =============================================================================

     

       26
       +
       # PostgreSQL Configuration

     

       27
       +
       # =============================================================================

     

       28
       +
       POSTGRES_HOST=localhost

     

       29
       +
       POSTGRES_PORT=5435

     

       30
       +
       POSTGRES_DB=coves_dev

     

       31
       +
       POSTGRES_USER=dev_user

     

       32
       +
       POSTGRES_PASSWORD=dev_password

     

       33
       +
       

     

       34
       +
       # Test database

     

       35
       +
       POSTGRES_TEST_DB=coves_test

     

       36
       +
       POSTGRES_TEST_USER=test_user

     

       37
       +
       POSTGRES_TEST_PASSWORD=test_password

     

       38
       +
       POSTGRES_TEST_PORT=5434

     

       39
       +
       

     

       40
       +
       # =============================================================================

     

       41
       +
       # PDS Configuration

     

       42
       +
       # =============================================================================

     

       43
       +
       PDS_HOSTNAME=localhost

     

       44
       +
       PDS_PORT=3001

     

       45
       +
       PDS_SERVICE_ENDPOINT=http://localhost:3000

     

       46
       +
       PDS_DID_PLC_URL=http://plc-directory:3000

     

       47
       +
       PDS_JWT_SECRET=local-dev-jwt-secret-change-in-production

     

       48
       +
       PDS_ADMIN_PASSWORD=admin

     

       49
       +
       PDS_SERVICE_HANDLE_DOMAINS=.local.coves.dev,.community.coves.social

     

       50
       +
       PDS_PLC_ROTATION_KEY=<generate-a-random-hex-key>

     

       51
       +
       

     

       52
       +
       # =============================================================================

     

       53
       +
       # AppView Configuration

     

       54
       +
       # =============================================================================

     

       55
       +
       APPVIEW_PORT=8081

     

       56
       +
       FIREHOSE_URL=ws://localhost:3001/xrpc/com.atproto.sync.subscribeRepos

     

       57
       +
       PDS_URL=http://localhost:3001

     

       58
       +
       APPVIEW_PUBLIC_URL=http://127.0.0.1:8081

     

       59
       +
       

     

       60
       +
       # =============================================================================

     

       61
       +
       # Jetstream Configuration

     

       62
       +
       # =============================================================================

     

       63
       +
       JETSTREAM_URL=ws://localhost:6008/subscribe

     

       64
       +
       

     

       65
       +
       # =============================================================================

     

       66
       +
       # Identity Resolution

     

       67
       +
       # =============================================================================

     

       68
       +
       IDENTITY_CACHE_TTL=24h

     

       69
       +
       PLC_DIRECTORY_URL=http://localhost:3002

     

       70
       +
       

     

       71
       +
       # =============================================================================

     

       72
       +
       # OAuth Configuration (MUST GENERATE YOUR OWN)

     

       73
       +
       # =============================================================================

     

       74
       +
       # Generate with: go run cmd/genjwks/main.go

     

       75
       +
       OAUTH_PRIVATE_JWK=<generate-your-own-jwk>

     

       76
       +
       

     

       77
       +
       # Generate with: openssl rand -hex 32

     

       78
       +
       OAUTH_COOKIE_SECRET=<generate-your-own-secret>

     

       79
       +
       

     

       80
       +
       # =============================================================================

     

       81
       +
       # Development Settings

     

       82
       +
       # =============================================================================

     

       83
       +
       ENV=development

     

       84
       +
       NODE_ENV=development

     

       85
       +
       IS_DEV_ENV=true

     

       86
       +
       LOG_LEVEL=debug

     

       87
       +
       LOG_ENABLED=true

     

       88
       +
       

     

       89
       +
       # Security settings (ONLY for local dev - set to false in production!)

     

       90
       +
       SKIP_DID_WEB_VERIFICATION=true

     

       91
       +
       AUTH_SKIP_VERIFY=true

     

       92
       +
       HS256_ISSUERS=http://localhost:3001

+25 -3

Makefile

···

       1
       -
       .PHONY: help dev-up dev-down dev-logs dev-status dev-reset test e2e-test clean

     

       2
        
       

     

       3
        
       # Default target - show help

     

       4
        
       .DEFAULT_GOAL := help

     
···

       186
        
       

     

       187
        
       ##@ Build & Run

     

       188
        
       

     

       189
       -
       build: ## Build the Coves server

     

       190
       -
       	@echo "$(GREEN)Building Coves server...$(RESET)"

     

       191
        
       	@go build -o server ./cmd/server

     

       192
        
       	@echo "$(GREEN)✓ Build complete: ./server$(RESET)"

     

       193
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       194
        
       run: ## Run the Coves server with dev environment (requires database running)

     

       195
        
       	@./scripts/dev-run.sh

     

       196
        
       

     
···

       236
        
       	@adb reverse --remove-all || echo "$(YELLOW)No device connected$(RESET)"

     

       237
        
       	@echo "$(GREEN)✓ Port forwarding removed$(RESET)"

     

       238
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       239
        
       ngrok-up: ## Start ngrok tunnels (for iOS or WiFi testing - requires paid plan for 3 tunnels)

     

       240
        
       	@echo "$(GREEN)Starting ngrok tunnels for mobile testing...$(RESET)"

     

       241
        
       	@./scripts/start-ngrok.sh

···

       1
       +
       .PHONY: help dev-up dev-down dev-logs dev-status dev-reset test e2e-test clean verify-stack create-test-account mobile-full-setup

     

       2
        
       

     

       3
        
       # Default target - show help

     

       4
        
       .DEFAULT_GOAL := help

     
···

       186
        
       

     

       187
        
       ##@ Build & Run

     

       188
        
       

     

       189
       +
       build: ## Build the Coves server (production - no dev code)

     

       190
       +
       	@echo "$(GREEN)Building Coves server (production)...$(RESET)"

     

       191
        
       	@go build -o server ./cmd/server

     

       192
        
       	@echo "$(GREEN)✓ Build complete: ./server$(RESET)"

     

       193
        
       

     

       194
       +
       build-dev: ## Build the Coves server with dev mode (includes localhost OAuth resolvers)

     

       195
       +
       	@echo "$(GREEN)Building Coves server (dev mode)...$(RESET)"

     

       196
       +
       	@go build -tags dev -o server ./cmd/server

     

       197
       +
       	@echo "$(GREEN)✓ Build complete: ./server (with dev tags)$(RESET)"

     

       198
       +
       

     

       199
        
       run: ## Run the Coves server with dev environment (requires database running)

     

       200
        
       	@./scripts/dev-run.sh

     

       201
        
       

     
···

       241
        
       	@adb reverse --remove-all || echo "$(YELLOW)No device connected$(RESET)"

     

       242
        
       	@echo "$(GREEN)✓ Port forwarding removed$(RESET)"

     

       243
        
       

     

       244
       +
       verify-stack: ## Verify local development stack (PLC, PDS, configs)

     

       245
       +
       	@./scripts/verify-local-stack.sh

     

       246
       +
       

     

       247
       +
       create-test-account: ## Create a test account on local PDS for OAuth testing

     

       248
       +
       	@./scripts/create-test-account.sh

     

       249
       +
       

     

       250
       +
       mobile-full-setup: verify-stack create-test-account mobile-setup ## Full mobile setup: verify stack, create account, setup ports

     

       251
       +
       	@echo ""

     

       252
       +
       	@echo "$(GREEN)═══════════════════════════════════════════════════════════$(RESET)"

     

       253
       +
       	@echo "$(GREEN)  Mobile development environment ready!                     $(RESET)"

     

       254
       +
       	@echo "$(GREEN)═══════════════════════════════════════════════════════════$(RESET)"

     

       255
       +
       	@echo ""

     

       256
       +
       	@echo "$(CYAN)Run the Flutter app with:$(RESET)"

     

       257
       +
       	@echo "  $(YELLOW)cd /home/bretton/Code/coves-mobile$(RESET)"

     

       258
       +
       	@echo "  $(YELLOW)flutter run --dart-define=ENVIRONMENT=local$(RESET)"

     

       259
       +
       	@echo ""

     

       260
       +
       

     

       261
        
       ngrok-up: ## Start ngrok tunnels (for iOS or WiFi testing - requires paid plan for 3 tunnels)

     

       262
        
       	@echo "$(GREEN)Starting ngrok tunnels for mobile testing...$(RESET)"

     

       263
        
       	@./scripts/start-ngrok.sh

+5 -1

docker-compose.dev.yml

···

       58
        
       

     

       59
        
         # Bluesky Personal Data Server (PDS)

     

       60
        
         # Handles user repositories, DIDs, and CAR files

     

       0
        
       
     

       61
        
         pds:

     

       62
        
           image: ghcr.io/bluesky-social/pds:latest

     

       63
        
           container_name: coves-dev-pds

     
···

       69
        
             PDS_PORT: 3001  # Match external port for correct DID registration

     

       70
        
             PDS_DATA_DIRECTORY: /pds

     

       71
        
             PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks

     

       72
       -
             PDS_DID_PLC_URL: ${PDS_DID_PLC_URL:-https://plc.directory}

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       73
        
             # PDS_CRAWLERS not needed - we're not using a relay for local dev

     

       74
        
       

     

       75
        
             # Note: PDS uses its own internal SQLite database and CAR file storage

···

       58
        
       

     

       59
        
         # Bluesky Personal Data Server (PDS)

     

       60
        
         # Handles user repositories, DIDs, and CAR files

     

       61
       +
         # NOTE: When using --profile plc, PDS waits for PLC directory to be healthy

     

       62
        
         pds:

     

       63
        
           image: ghcr.io/bluesky-social/pds:latest

     

       64
        
           container_name: coves-dev-pds

     
···

       70
        
             PDS_PORT: 3001  # Match external port for correct DID registration

     

       71
        
             PDS_DATA_DIRECTORY: /pds

     

       72
        
             PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks

     

       73
       +
             # IMPORTANT: For local E2E testing, this MUST point to local PLC directory

     

       74
       +
             # Default to local PLC (http://plc-directory:3000) for full local stack

     

       75
       +
             # The container hostname 'plc-directory' is used for Docker network communication

     

       76
       +
             PDS_DID_PLC_URL: ${PDS_DID_PLC_URL:-http://plc-directory:3000}

     

       77
        
             # PDS_CRAWLERS not needed - we're not using a relay for local dev

     

       78
        
       

     

       79
        
             # Note: PDS uses its own internal SQLite database and CAR file storage

+13 -2

internal/atproto/oauth/client.go

···

       3
        
       import (

     

       4
        
       	"encoding/base64"

     

       5
        
       	"fmt"

     

       0
        
       
     

       6
        
       	"net/url"

     

       7
        
       	"time"

     

       8
        
       

     
···

       22
        
       	PublicURL       string

     

       23
        
       	SealSecret      string

     

       24
        
       	PLCURL          string

     

       0
        
       
     

       25
        
       	Scopes          []string

     

       26
        
       	SessionTTL      time.Duration

     

       27
        
       	SealedTokenTTL  time.Duration

     
···

       77
        
       	// Create indigo client config

     

       78
        
       	var clientConfig oauth.ClientConfig

     

       79
        
       	if config.DevMode {

     

       80
       -
       		// Dev mode: localhost with HTTP

     

       81
       -
       		callbackURL := "http://localhost:3000/oauth/callback"

     

       0
        
       
     

       0
        
       
     

       82
        
       		clientConfig = oauth.NewLocalhostConfig(callbackURL, config.Scopes)

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       83
        
       	} else {

     

       84
        
       		// Production mode: public OAuth client with HTTPS

     

       85
        
       		// client_id must be the URL of the client metadata document per atproto OAuth spec

     
···

       112
        
       		// Use pointer since CacheDirectory methods have pointer receivers

     

       113
        
       		cacheDir := identity.NewCacheDirectory(baseDir, 100_000, time.Hour*24, time.Minute*2, time.Minute*5)

     

       114
        
       		clientApp.Dir = &cacheDir

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       115
        
       	}

     

       116
        
       

     

       117
        
       	return &OAuthClient{

···

       3
        
       import (

     

       4
        
       	"encoding/base64"

     

       5
        
       	"fmt"

     

       6
       +
       	"log/slog"

     

       7
        
       	"net/url"

     

       8
        
       	"time"

     

       9
        
       

     
···

       23
        
       	PublicURL       string

     

       24
        
       	SealSecret      string

     

       25
        
       	PLCURL          string

     

       26
       +
       	PDSURL          string // For dev mode: resolve handles via local PDS

     

       27
        
       	Scopes          []string

     

       28
        
       	SessionTTL      time.Duration

     

       29
        
       	SealedTokenTTL  time.Duration

     
···

       79
        
       	// Create indigo client config

     

       80
        
       	var clientConfig oauth.ClientConfig

     

       81
        
       	if config.DevMode {

     

       82
       +
       		// Dev mode: loopback with HTTP

     

       83
       +
       		// IMPORTANT: Use 127.0.0.1 instead of localhost per RFC 8252 - PDS rejects localhost

     

       84
       +
       		// The callback URL must match the APPVIEW_PUBLIC_URL from .env.dev

     

       85
       +
       		callbackURL := config.PublicURL + "/oauth/callback"

     

       86
        
       		clientConfig = oauth.NewLocalhostConfig(callbackURL, config.Scopes)

     

       87
       +
       		slog.Info("dev mode: OAuth client configured",

     

       88
       +
       			"callback_url", callbackURL,

     

       89
       +
       			"client_id", clientConfig.ClientID)

     

       90
        
       	} else {

     

       91
        
       		// Production mode: public OAuth client with HTTPS

     

       92
        
       		// client_id must be the URL of the client metadata document per atproto OAuth spec

     
···

       119
        
       		// Use pointer since CacheDirectory methods have pointer receivers

     

       120
        
       		cacheDir := identity.NewCacheDirectory(baseDir, 100_000, time.Hour*24, time.Minute*2, time.Minute*5)

     

       121
        
       		clientApp.Dir = &cacheDir

     

       122
       +
       		// Log the PLC URL being used for OAuth directory resolution

     

       123
       +
       		fmt.Printf("🔐 OAuth client directory configured with PLC URL: %s (AllowPrivateIPs: %v)\n", config.PLCURL, config.AllowPrivateIPs)

     

       124
       +
       	} else {

     

       125
       +
       		fmt.Println("⚠️  OAuth client using DEFAULT PLC directory (production plc.directory)")

     

       126
        
       	}

     

       127
        
       

     

       128
        
       	return &OAuthClient{

+285

internal/atproto/oauth/dev_auth_resolver.go

···

       1
       +
       //go:build dev

     

       2
       +
       

     

       3
       +
       package oauth

     

       4
       +
       

     

       5
       +
       import (

     

       6
       +
       	"context"

     

       7
       +
       	"encoding/json"

     

       8
       +
       	"fmt"

     

       9
       +
       	"log/slog"

     

       10
       +
       	"net/http"

     

       11
       +
       	"net/url"

     

       12
       +
       	"strings"

     

       13
       +
       

     

       14
       +
       	oauthlib "github.com/bluesky-social/indigo/atproto/auth/oauth"

     

       15
       +
       	"github.com/bluesky-social/indigo/atproto/identity"

     

       16
       +
       	"github.com/bluesky-social/indigo/atproto/syntax"

     

       17
       +
       )

     

       18
       +
       

     

       19
       +
       // DevAuthResolver is a custom OAuth resolver that allows HTTP localhost URLs for development.

     

       20
       +
       // The standard indigo OAuth resolver requires HTTPS and no port numbers, which breaks local testing.

     

       21
       +
       type DevAuthResolver struct {

     

       22
       +
       	Client         *http.Client

     

       23
       +
       	UserAgent      string

     

       24
       +
       	PDSURL         string // For resolving handles via local PDS

     

       25
       +
       	handleResolver *DevHandleResolver

     

       26
       +
       }

     

       27
       +
       

     

       28
       +
       // ProtectedResourceMetadata matches the OAuth protected resource metadata document format

     

       29
       +
       type ProtectedResourceMetadata struct {

     

       30
       +
       	Resource             string   `json:"resource"`

     

       31
       +
       	AuthorizationServers []string `json:"authorization_servers"`

     

       32
       +
       }

     

       33
       +
       

     

       34
       +
       // NewDevAuthResolver creates a resolver that accepts localhost HTTP URLs

     

       35
       +
       func NewDevAuthResolver(pdsURL string, allowPrivateIPs bool) *DevAuthResolver {

     

       36
       +
       	resolver := &DevAuthResolver{

     

       37
       +
       		Client:    NewSSRFSafeHTTPClient(allowPrivateIPs),

     

       38
       +
       		UserAgent: "Coves/1.0",

     

       39
       +
       		PDSURL:    pdsURL,

     

       40
       +
       	}

     

       41
       +
       	// Create handle resolver for resolving handles via local PDS

     

       42
       +
       	if pdsURL != "" {

     

       43
       +
       		resolver.handleResolver = NewDevHandleResolver(pdsURL, allowPrivateIPs)

     

       44
       +
       	}

     

       45
       +
       	return resolver

     

       46
       +
       }

     

       47
       +
       

     

       48
       +
       // ResolveAuthServerURL resolves a PDS URL to an auth server URL.

     

       49
       +
       // Unlike indigo's standard resolver, this allows HTTP and ports for localhost.

     

       50
       +
       func (r *DevAuthResolver) ResolveAuthServerURL(ctx context.Context, hostURL string) (string, error) {

     

       51
       +
       	u, err := url.Parse(hostURL)

     

       52
       +
       	if err != nil {

     

       53
       +
       		return "", err

     

       54
       +
       	}

     

       55
       +
       

     

       56
       +
       	// For localhost, allow HTTP and port numbers

     

       57
       +
       	isLocalhost := u.Hostname() == "localhost" || u.Hostname() == "127.0.0.1"

     

       58
       +
       	if !isLocalhost {

     

       59
       +
       		// For non-localhost, enforce HTTPS and no port (standard rules)

     

       60
       +
       		if u.Scheme != "https" || u.Port() != "" {

     

       61
       +
       			return "", fmt.Errorf("not a valid public host URL: %s", hostURL)

     

       62
       +
       		}

     

       63
       +
       	}

     

       64
       +
       

     

       65
       +
       	// Build the protected resource document URL

     

       66
       +
       	var docURL string

     

       67
       +
       	if isLocalhost {

     

       68
       +
       		// For localhost, preserve the port and use HTTP

     

       69
       +
       		port := u.Port()

     

       70
       +
       		if port == "" {

     

       71
       +
       			port = "3001" // Default PDS port

     

       72
       +
       		}

     

       73
       +
       		docURL = fmt.Sprintf("http://%s:%s/.well-known/oauth-protected-resource", u.Hostname(), port)

     

       74
       +
       	} else {

     

       75
       +
       		docURL = fmt.Sprintf("https://%s/.well-known/oauth-protected-resource", u.Hostname())

     

       76
       +
       	}

     

       77
       +
       

     

       78
       +
       	// Fetch the protected resource document

     

       79
       +
       	req, err := http.NewRequestWithContext(ctx, "GET", docURL, nil)

     

       80
       +
       	if err != nil {

     

       81
       +
       		return "", err

     

       82
       +
       	}

     

       83
       +
       	if r.UserAgent != "" {

     

       84
       +
       		req.Header.Set("User-Agent", r.UserAgent)

     

       85
       +
       	}

     

       86
       +
       

     

       87
       +
       	resp, err := r.Client.Do(req)

     

       88
       +
       	if err != nil {

     

       89
       +
       		return "", fmt.Errorf("fetching protected resource document: %w", err)

     

       90
       +
       	}

     

       91
       +
       	defer resp.Body.Close()

     

       92
       +
       

     

       93
       +
       	if resp.StatusCode != http.StatusOK {

     

       94
       +
       		return "", fmt.Errorf("HTTP error fetching protected resource document: %d", resp.StatusCode)

     

       95
       +
       	}

     

       96
       +
       

     

       97
       +
       	var body ProtectedResourceMetadata

     

       98
       +
       	if err := json.NewDecoder(resp.Body).Decode(&body); err != nil {

     

       99
       +
       		return "", fmt.Errorf("invalid protected resource document: %w", err)

     

       100
       +
       	}

     

       101
       +
       

     

       102
       +
       	if len(body.AuthorizationServers) < 1 {

     

       103
       +
       		return "", fmt.Errorf("no auth server URL in protected resource document")

     

       104
       +
       	}

     

       105
       +
       

     

       106
       +
       	authURL := body.AuthorizationServers[0]

     

       107
       +
       

     

       108
       +
       	// Validate the auth server URL (with localhost exception)

     

       109
       +
       	au, err := url.Parse(authURL)

     

       110
       +
       	if err != nil {

     

       111
       +
       		return "", fmt.Errorf("invalid auth server URL: %w", err)

     

       112
       +
       	}

     

       113
       +
       

     

       114
       +
       	authIsLocalhost := au.Hostname() == "localhost" || au.Hostname() == "127.0.0.1"

     

       115
       +
       	if !authIsLocalhost {

     

       116
       +
       		if au.Scheme != "https" || au.Port() != "" {

     

       117
       +
       			return "", fmt.Errorf("invalid auth server URL: %s", authURL)

     

       118
       +
       		}

     

       119
       +
       	}

     

       120
       +
       

     

       121
       +
       	return authURL, nil

     

       122
       +
       }

     

       123
       +
       

     

       124
       +
       // ResolveAuthServerMetadataDev fetches OAuth server metadata from a given auth server URL.

     

       125
       +
       // Unlike indigo's resolver, this allows HTTP and ports for localhost.

     

       126
       +
       func (r *DevAuthResolver) ResolveAuthServerMetadataDev(ctx context.Context, serverURL string) (*oauthlib.AuthServerMetadata, error) {

     

       127
       +
       	u, err := url.Parse(serverURL)

     

       128
       +
       	if err != nil {

     

       129
       +
       		return nil, err

     

       130
       +
       	}

     

       131
       +
       

     

       132
       +
       	// Build metadata URL - preserve port for localhost

     

       133
       +
       	var metaURL string

     

       134
       +
       	isLocalhost := u.Hostname() == "localhost" || u.Hostname() == "127.0.0.1"

     

       135
       +
       	if isLocalhost && u.Port() != "" {

     

       136
       +
       		metaURL = fmt.Sprintf("%s://%s:%s/.well-known/oauth-authorization-server", u.Scheme, u.Hostname(), u.Port())

     

       137
       +
       	} else if isLocalhost {

     

       138
       +
       		metaURL = fmt.Sprintf("%s://%s/.well-known/oauth-authorization-server", u.Scheme, u.Hostname())

     

       139
       +
       	} else {

     

       140
       +
       		metaURL = fmt.Sprintf("https://%s/.well-known/oauth-authorization-server", u.Hostname())

     

       141
       +
       	}

     

       142
       +
       

     

       143
       +
       	slog.Debug("dev mode: fetching auth server metadata", "url", metaURL)

     

       144
       +
       

     

       145
       +
       	req, err := http.NewRequestWithContext(ctx, "GET", metaURL, nil)

     

       146
       +
       	if err != nil {

     

       147
       +
       		return nil, err

     

       148
       +
       	}

     

       149
       +
       	if r.UserAgent != "" {

     

       150
       +
       		req.Header.Set("User-Agent", r.UserAgent)

     

       151
       +
       	}

     

       152
       +
       

     

       153
       +
       	resp, err := r.Client.Do(req)

     

       154
       +
       	if err != nil {

     

       155
       +
       		return nil, fmt.Errorf("fetching auth server metadata: %w", err)

     

       156
       +
       	}

     

       157
       +
       	defer resp.Body.Close()

     

       158
       +
       

     

       159
       +
       	if resp.StatusCode != http.StatusOK {

     

       160
       +
       		return nil, fmt.Errorf("HTTP error fetching auth server metadata: %d", resp.StatusCode)

     

       161
       +
       	}

     

       162
       +
       

     

       163
       +
       	var metadata oauthlib.AuthServerMetadata

     

       164
       +
       	if err := json.NewDecoder(resp.Body).Decode(&metadata); err != nil {

     

       165
       +
       		return nil, fmt.Errorf("invalid auth server metadata: %w", err)

     

       166
       +
       	}

     

       167
       +
       

     

       168
       +
       	// Skip validation for localhost (indigo's Validate checks HTTPS)

     

       169
       +
       	if !isLocalhost {

     

       170
       +
       		if err := metadata.Validate(serverURL); err != nil {

     

       171
       +
       			return nil, fmt.Errorf("invalid auth server metadata: %w", err)

     

       172
       +
       		}

     

       173
       +
       	}

     

       174
       +
       

     

       175
       +
       	return &metadata, nil

     

       176
       +
       }

     

       177
       +
       

     

       178
       +
       // StartDevAuthFlow performs OAuth flow for localhost development.

     

       179
       +
       // This bypasses indigo's HTTPS validation for the auth server URL.

     

       180
       +
       // It resolves the identity, gets the PDS endpoint, fetches auth server metadata,

     

       181
       +
       // and returns a redirect URL for the user to approve.

     

       182
       +
       func (r *DevAuthResolver) StartDevAuthFlow(ctx context.Context, client *OAuthClient, identifier string, dir identity.Directory) (string, error) {

     

       183
       +
       	var accountDID syntax.DID

     

       184
       +
       	var pdsEndpoint string

     

       185
       +
       

     

       186
       +
       	// Check if identifier is a handle or DID

     

       187
       +
       	if strings.HasPrefix(identifier, "did:") {

     

       188
       +
       		// It's a DID - look up via directory (PLC)

     

       189
       +
       		atid, err := syntax.ParseAtIdentifier(identifier)

     

       190
       +
       		if err != nil {

     

       191
       +
       			return "", fmt.Errorf("not a valid DID (%s): %w", identifier, err)

     

       192
       +
       		}

     

       193
       +
       		ident, err := dir.Lookup(ctx, *atid)

     

       194
       +
       		if err != nil {

     

       195
       +
       			return "", fmt.Errorf("failed to resolve DID (%s): %w", identifier, err)

     

       196
       +
       		}

     

       197
       +
       		accountDID = ident.DID

     

       198
       +
       		pdsEndpoint = ident.PDSEndpoint()

     

       199
       +
       	} else {

     

       200
       +
       		// It's a handle - resolve via local PDS first

     

       201
       +
       		if r.handleResolver == nil {

     

       202
       +
       			return "", fmt.Errorf("handle resolution not configured (PDS URL not set)")

     

       203
       +
       		}

     

       204
       +
       

     

       205
       +
       		// Resolve handle to DID via local PDS

     

       206
       +
       		did, err := r.handleResolver.ResolveHandle(ctx, identifier)

     

       207
       +
       		if err != nil {

     

       208
       +
       			return "", fmt.Errorf("failed to resolve handle via PDS (%s): %w", identifier, err)

     

       209
       +
       		}

     

       210
       +
       		if did == "" {

     

       211
       +
       			return "", fmt.Errorf("handle not found: %s", identifier)

     

       212
       +
       		}

     

       213
       +
       

     

       214
       +
       		slog.Info("dev mode: resolved handle via local PDS", "handle", identifier, "did", did)

     

       215
       +
       

     

       216
       +
       		// Parse the DID

     

       217
       +
       		parsedDID, err := syntax.ParseDID(did)

     

       218
       +
       		if err != nil {

     

       219
       +
       			return "", fmt.Errorf("invalid DID from PDS (%s): %w", did, err)

     

       220
       +
       		}

     

       221
       +
       		accountDID = parsedDID

     

       222
       +
       

     

       223
       +
       		// Now look up the DID document via PLC to get PDS endpoint

     

       224
       +
       		atid, err := syntax.ParseAtIdentifier(did)

     

       225
       +
       		if err != nil {

     

       226
       +
       			return "", fmt.Errorf("not a valid DID (%s): %w", did, err)

     

       227
       +
       		}

     

       228
       +
       		ident, err := dir.Lookup(ctx, *atid)

     

       229
       +
       		if err != nil {

     

       230
       +
       			return "", fmt.Errorf("failed to resolve DID document (%s): %w", did, err)

     

       231
       +
       		}

     

       232
       +
       		pdsEndpoint = ident.PDSEndpoint()

     

       233
       +
       	}

     

       234
       +
       

     

       235
       +
       	if pdsEndpoint == "" {

     

       236
       +
       		return "", fmt.Errorf("identity does not link to an atproto host (PDS)")

     

       237
       +
       	}

     

       238
       +
       

     

       239
       +
       	slog.Debug("dev mode: resolving auth server",

     

       240
       +
       		"did", accountDID,

     

       241
       +
       		"pds", pdsEndpoint)

     

       242
       +
       

     

       243
       +
       	// Resolve auth server URL (allowing HTTP for localhost)

     

       244
       +
       	authServerURL, err := r.ResolveAuthServerURL(ctx, pdsEndpoint)

     

       245
       +
       	if err != nil {

     

       246
       +
       		return "", fmt.Errorf("resolving auth server: %w", err)

     

       247
       +
       	}

     

       248
       +
       

     

       249
       +
       	slog.Info("dev mode: resolved auth server", "url", authServerURL)

     

       250
       +
       

     

       251
       +
       	// Fetch auth server metadata using our dev-friendly resolver

     

       252
       +
       	authMeta, err := r.ResolveAuthServerMetadataDev(ctx, authServerURL)

     

       253
       +
       	if err != nil {

     

       254
       +
       		return "", fmt.Errorf("fetching auth server metadata: %w", err)

     

       255
       +
       	}

     

       256
       +
       

     

       257
       +
       	slog.Debug("dev mode: got auth server metadata",

     

       258
       +
       		"issuer", authMeta.Issuer,

     

       259
       +
       		"authorization_endpoint", authMeta.AuthorizationEndpoint,

     

       260
       +
       		"token_endpoint", authMeta.TokenEndpoint)

     

       261
       +
       

     

       262
       +
       	// Send auth request (PAR) using indigo's method

     

       263
       +
       	info, err := client.ClientApp.SendAuthRequest(ctx, authMeta, client.Config.Scopes, identifier)

     

       264
       +
       	if err != nil {

     

       265
       +
       		return "", fmt.Errorf("auth request failed: %w", err)

     

       266
       +
       	}

     

       267
       +
       

     

       268
       +
       	// Set the account DID

     

       269
       +
       	info.AccountDID = &accountDID

     

       270
       +
       

     

       271
       +
       	// Persist auth request info

     

       272
       +
       	client.ClientApp.Store.SaveAuthRequestInfo(ctx, *info)

     

       273
       +
       

     

       274
       +
       	// Build redirect URL

     

       275
       +
       	params := url.Values{}

     

       276
       +
       	params.Set("client_id", client.ClientApp.Config.ClientID)

     

       277
       +
       	params.Set("request_uri", info.RequestURI)

     

       278
       +
       

     

       279
       +
       	authEndpoint := authMeta.AuthorizationEndpoint

     

       280
       +
       	redirectURL := fmt.Sprintf("%s?%s", authEndpoint, params.Encode())

     

       281
       +
       

     

       282
       +
       	slog.Info("dev mode: OAuth redirect URL built", "url_prefix", authEndpoint)

     

       283
       +
       

     

       284
       +
       	return redirectURL, nil

     

       285
       +
       }

+106

internal/atproto/oauth/dev_resolver.go

···

       1
       +
       //go:build dev

     

       2
       +
       

     

       3
       +
       package oauth

     

       4
       +
       

     

       5
       +
       import (

     

       6
       +
       	"context"

     

       7
       +
       	"encoding/json"

     

       8
       +
       	"fmt"

     

       9
       +
       	"log/slog"

     

       10
       +
       	"net/http"

     

       11
       +
       	"net/url"

     

       12
       +
       	"strings"

     

       13
       +
       	"time"

     

       14
       +
       )

     

       15
       +
       

     

       16
       +
       // DevHandleResolver resolves handles via local PDS for development

     

       17
       +
       // This is needed because local handles (e.g., user.local.coves.dev) can't be

     

       18
       +
       // resolved via standard DNS/HTTP well-known methods - they only exist on the local PDS.

     

       19
       +
       type DevHandleResolver struct {

     

       20
       +
       	pdsURL     string

     

       21
       +
       	httpClient *http.Client

     

       22
       +
       }

     

       23
       +
       

     

       24
       +
       // NewDevHandleResolver creates a resolver that queries local PDS for handle resolution

     

       25
       +
       func NewDevHandleResolver(pdsURL string, allowPrivateIPs bool) *DevHandleResolver {

     

       26
       +
       	return &DevHandleResolver{

     

       27
       +
       		pdsURL:     strings.TrimSuffix(pdsURL, "/"),

     

       28
       +
       		httpClient: NewSSRFSafeHTTPClient(allowPrivateIPs),

     

       29
       +
       	}

     

       30
       +
       }

     

       31
       +
       

     

       32
       +
       // ResolveHandle queries the local PDS to resolve a handle to a DID

     

       33
       +
       // Returns the DID if successful, or empty string if not found

     

       34
       +
       func (r *DevHandleResolver) ResolveHandle(ctx context.Context, handle string) (string, error) {

     

       35
       +
       	if r.pdsURL == "" {

     

       36
       +
       		return "", fmt.Errorf("PDS URL not configured")

     

       37
       +
       	}

     

       38
       +
       

     

       39
       +
       	// Build the resolve handle URL

     

       40
       +
       	resolveURL := fmt.Sprintf("%s/xrpc/com.atproto.identity.resolveHandle?handle=%s",

     

       41
       +
       		r.pdsURL, url.QueryEscape(handle))

     

       42
       +
       

     

       43
       +
       	// Create request with context and timeout

     

       44
       +
       	ctx, cancel := context.WithTimeout(ctx, 10*time.Second)

     

       45
       +
       	defer cancel()

     

       46
       +
       

     

       47
       +
       	req, err := http.NewRequestWithContext(ctx, "GET", resolveURL, nil)

     

       48
       +
       	if err != nil {

     

       49
       +
       		return "", fmt.Errorf("failed to create request: %w", err)

     

       50
       +
       	}

     

       51
       +
       	req.Header.Set("User-Agent", "Coves/1.0")

     

       52
       +
       

     

       53
       +
       	// Execute request

     

       54
       +
       	resp, err := r.httpClient.Do(req)

     

       55
       +
       	if err != nil {

     

       56
       +
       		return "", fmt.Errorf("failed to query PDS: %w", err)

     

       57
       +
       	}

     

       58
       +
       	defer resp.Body.Close()

     

       59
       +
       

     

       60
       +
       	// Check response status

     

       61
       +
       	if resp.StatusCode == http.StatusNotFound || resp.StatusCode == http.StatusBadRequest {

     

       62
       +
       		return "", nil // Handle not found

     

       63
       +
       	}

     

       64
       +
       	if resp.StatusCode != http.StatusOK {

     

       65
       +
       		return "", fmt.Errorf("PDS returned status %d", resp.StatusCode)

     

       66
       +
       	}

     

       67
       +
       

     

       68
       +
       	// Parse response

     

       69
       +
       	var result struct {

     

       70
       +
       		DID string `json:"did"`

     

       71
       +
       	}

     

       72
       +
       	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {

     

       73
       +
       		return "", fmt.Errorf("failed to parse PDS response: %w", err)

     

       74
       +
       	}

     

       75
       +
       

     

       76
       +
       	if result.DID == "" {

     

       77
       +
       		return "", nil // No DID in response

     

       78
       +
       	}

     

       79
       +
       

     

       80
       +
       	slog.Debug("resolved handle via local PDS",

     

       81
       +
       		"handle", handle,

     

       82
       +
       		"did", result.DID,

     

       83
       +
       		"pds_url", r.pdsURL)

     

       84
       +
       

     

       85
       +
       	return result.DID, nil

     

       86
       +
       }

     

       87
       +
       

     

       88
       +
       // ResolveIdentifier attempts to resolve a handle to DID, or returns the DID if already provided

     

       89
       +
       // This is the main entry point for the handlers

     

       90
       +
       func (r *DevHandleResolver) ResolveIdentifier(ctx context.Context, identifier string) (string, error) {

     

       91
       +
       	// If it's already a DID, return as-is

     

       92
       +
       	if strings.HasPrefix(identifier, "did:") {

     

       93
       +
       		return identifier, nil

     

       94
       +
       	}

     

       95
       +
       

     

       96
       +
       	// Try to resolve the handle via local PDS

     

       97
       +
       	did, err := r.ResolveHandle(ctx, identifier)

     

       98
       +
       	if err != nil {

     

       99
       +
       		return "", fmt.Errorf("failed to resolve handle via PDS: %w", err)

     

       100
       +
       	}

     

       101
       +
       	if did == "" {

     

       102
       +
       		return "", fmt.Errorf("handle not found on local PDS: %s", identifier)

     

       103
       +
       	}

     

       104
       +
       

     

       105
       +
       	return did, nil

     

       106
       +
       }

+41

internal/atproto/oauth/dev_stubs.go

···

       1
       +
       //go:build !dev

     

       2
       +
       

     

       3
       +
       package oauth

     

       4
       +
       

     

       5
       +
       import (

     

       6
       +
       	"context"

     

       7
       +
       

     

       8
       +
       	"github.com/bluesky-social/indigo/atproto/identity"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // DevHandleResolver is a stub for production builds.

     

       12
       +
       // The actual implementation is in dev_resolver.go (only compiled with -tags dev).

     

       13
       +
       type DevHandleResolver struct{}

     

       14
       +
       

     

       15
       +
       // NewDevHandleResolver returns nil in production builds.

     

       16
       +
       // Dev mode features are only available when built with -tags dev.

     

       17
       +
       func NewDevHandleResolver(pdsURL string, allowPrivateIPs bool) *DevHandleResolver {

     

       18
       +
       	return nil

     

       19
       +
       }

     

       20
       +
       

     

       21
       +
       // ResolveHandle is a stub that should never be called in production.

     

       22
       +
       // The nil check in handlers.go prevents this from being reached.

     

       23
       +
       func (r *DevHandleResolver) ResolveHandle(ctx context.Context, handle string) (string, error) {

     

       24
       +
       	panic("dev mode: ResolveHandle called in production build - this should never happen")

     

       25
       +
       }

     

       26
       +
       

     

       27
       +
       // DevAuthResolver is a stub for production builds.

     

       28
       +
       // The actual implementation is in dev_auth_resolver.go (only compiled with -tags dev).

     

       29
       +
       type DevAuthResolver struct{}

     

       30
       +
       

     

       31
       +
       // NewDevAuthResolver returns nil in production builds.

     

       32
       +
       // Dev mode features are only available when built with -tags dev.

     

       33
       +
       func NewDevAuthResolver(pdsURL string, allowPrivateIPs bool) *DevAuthResolver {

     

       34
       +
       	return nil

     

       35
       +
       }

     

       36
       +
       

     

       37
       +
       // StartDevAuthFlow is a stub that should never be called in production.

     

       38
       +
       // The nil check in handlers.go prevents this from being reached.

     

       39
       +
       func (r *DevAuthResolver) StartDevAuthFlow(ctx context.Context, client *OAuthClient, identifier string, dir identity.Directory) (string, error) {

     

       40
       +
       	panic("dev mode: StartDevAuthFlow called in production build - this should never happen")

     

       41
       +
       }

+107 -15

internal/atproto/oauth/handlers.go

···

       8
        
       	"log/slog"

     

       9
        
       	"net/http"

     

       10
        
       	"net/url"

     

       0
        
       
     

       11
        
       

     

       12
        
       	"github.com/bluesky-social/indigo/atproto/auth/oauth"

     

       13
        
       	"github.com/bluesky-social/indigo/atproto/syntax"

     
···

       146
        
       

     

       147
        
       // OAuthHandler handles OAuth-related HTTP endpoints

     

       148
        
       type OAuthHandler struct {

     

       149
       -
       	client      *OAuthClient

     

       150
       -
       	store       oauth.ClientAuthStore

     

       151
       -
       	mobileStore MobileOAuthStore // For server-side CSRF validation

     

       0
        
       
     

       0
        
       
     

       152
        
       }

     

       153
        
       

     

       154
        
       // NewOAuthHandler creates a new OAuth handler

     
···

       163
        
       		handler.mobileStore = mobileStore

     

       164
        
       	}

     

       165
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       166
        
       	return handler

     

       167
        
       }

     

       168
        
       

     
···

       203
        
       		return

     

       204
        
       	}

     

       205
        
       

     

       206
       -
       	// Start OAuth flow

     

       207
       -
       	redirectURL, err := h.client.ClientApp.StartAuthFlow(ctx, identifier)

     

       208
       -
       	if err != nil {

     

       209
       -
       		slog.Error("failed to start OAuth flow", "error", err, "identifier", identifier)

     

       210
       -
       		http.Error(w, fmt.Sprintf("failed to start OAuth flow: %v", err), http.StatusBadRequest)

     

       211
       -
       		return

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       212
        
       	}

     

       213
        
       

     

       214
        
       	// Log OAuth flow initiation (sanitized - no full URL to avoid leaking state)

     
···

       223
        
       func (h *OAuthHandler) HandleMobileLogin(w http.ResponseWriter, r *http.Request) {

     

       224
        
       	ctx := r.Context()

     

       225
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       226
        
       	// Get handle or DID from query params

     

       227
        
       	identifier := r.URL.Query().Get("handle")

     

       228
        
       	if identifier == "" {

     
···

       276
        
       		RedirectURI: mobileRedirectURI,

     

       277
        
       	})

     

       278
        
       

     

       279
       -
       	// Start OAuth flow (the store wrapper will save mobile data when auth request is saved)

     

       280
       -
       	redirectURL, err := h.client.ClientApp.StartAuthFlow(mobileCtx, identifier)

     

       281
       -
       	if err != nil {

     

       282
       -
       		slog.Error("failed to start OAuth flow", "error", err, "identifier", identifier)

     

       283
       -
       		http.Error(w, fmt.Sprintf("failed to start OAuth flow: %v", err), http.StatusBadRequest)

     

       284
       -
       		return

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       285
        
       	}

     

       286
        
       

     

       287
        
       	// Log mobile OAuth flow initiation (sanitized - no full URLs or sensitive params)

     
···

       384
        
       		// Check if the handle is the special "handle.invalid" value

     

       385
        
       		// This indicates that bidirectional verification failed (DID->handle->DID roundtrip failed)

     

       386
        
       		if ident.Handle.String() == "handle.invalid" {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       387
        
       			slog.Warn("OAuth callback: bidirectional handle verification failed",

     

       388
        
       				"did", sessData.AccountDID,

     

       389
        
       				"handle", "handle.invalid",

     
···

       401
        
       			"did", sessData.AccountDID)

     

       402
        
       		slog.Info("OAuth callback successful (no handle verification)", "did", sessData.AccountDID)

     

       403
        
       	}

     

       0
        
       
     

       404
        
       

     

       405
        
       	// Check if this is a mobile callback (check for mobile_redirect_uri cookie)

     

       406
        
       	mobileRedirect, err := r.Cookie("mobile_redirect_uri")

···

       8
        
       	"log/slog"

     

       9
        
       	"net/http"

     

       10
        
       	"net/url"

     

       11
       +
       	"strings"

     

       12
        
       

     

       13
        
       	"github.com/bluesky-social/indigo/atproto/auth/oauth"

     

       14
        
       	"github.com/bluesky-social/indigo/atproto/syntax"

     
···

       147
        
       

     

       148
        
       // OAuthHandler handles OAuth-related HTTP endpoints

     

       149
        
       type OAuthHandler struct {

     

       150
       +
       	client          *OAuthClient

     

       151
       +
       	store           oauth.ClientAuthStore

     

       152
       +
       	mobileStore     MobileOAuthStore    // For server-side CSRF validation

     

       153
       +
       	devResolver     *DevHandleResolver  // For dev mode: resolve handles via local PDS

     

       154
       +
       	devAuthResolver *DevAuthResolver    // For dev mode: bypass HTTPS validation for localhost OAuth

     

       155
        
       }

     

       156
        
       

     

       157
        
       // NewOAuthHandler creates a new OAuth handler

     
···

       166
        
       		handler.mobileStore = mobileStore

     

       167
        
       	}

     

       168
        
       

     

       169
       +
       	// In dev mode, create resolvers for local PDS/PLC

     

       170
       +
       	// This is needed because:

     

       171
       +
       	// 1. Local handles (e.g., user.local.coves.dev) can't be resolved via DNS/HTTP

     

       172
       +
       	// 2. Indigo's OAuth library requires HTTPS, which localhost doesn't have

     

       173
       +
       	if client.Config.DevMode {

     

       174
       +
       		if client.Config.PDSURL != "" {

     

       175
       +
       			handler.devResolver = NewDevHandleResolver(client.Config.PDSURL, client.Config.AllowPrivateIPs)

     

       176
       +
       			slog.Info("dev mode: handle resolution via local PDS enabled", "pds_url", client.Config.PDSURL)

     

       177
       +
       		}

     

       178
       +
       		// Create dev auth resolver to bypass HTTPS validation (pass PDS URL for handle resolution)

     

       179
       +
       		handler.devAuthResolver = NewDevAuthResolver(client.Config.PDSURL, client.Config.AllowPrivateIPs)

     

       180
       +
       		slog.Info("dev mode: localhost OAuth auth resolver enabled", "pds_url", client.Config.PDSURL)

     

       181
       +
       	}

     

       182
       +
       

     

       183
        
       	return handler

     

       184
        
       }

     

       185
        
       

     
···

       220
        
       		return

     

       221
        
       	}

     

       222
        
       

     

       223
       +
       	var redirectURL string

     

       224
       +
       	var err error

     

       225
       +
       

     

       226
       +
       	// DEV MODE: Use custom OAuth flow that bypasses HTTPS validation

     

       227
       +
       	// This is needed because:

     

       228
       +
       	// 1. Local handles can't be resolved via DNS/HTTP well-known

     

       229
       +
       	// 2. Indigo's OAuth library requires HTTPS for auth servers

     

       230
       +
       	if h.devAuthResolver != nil {

     

       231
       +
       		slog.Info("dev mode: using localhost OAuth flow", "identifier", identifier)

     

       232
       +
       		redirectURL, err = h.devAuthResolver.StartDevAuthFlow(ctx, h.client, identifier, h.client.ClientApp.Dir)

     

       233
       +
       		if err != nil {

     

       234
       +
       			slog.Error("dev mode: failed to start OAuth flow", "error", err, "identifier", identifier)

     

       235
       +
       			http.Error(w, fmt.Sprintf("failed to start OAuth flow: %v", err), http.StatusBadRequest)

     

       236
       +
       			return

     

       237
       +
       		}

     

       238
       +
       	} else {

     

       239
       +
       		// Production mode: use standard indigo OAuth flow

     

       240
       +
       		redirectURL, err = h.client.ClientApp.StartAuthFlow(ctx, identifier)

     

       241
       +
       		if err != nil {

     

       242
       +
       			slog.Error("failed to start OAuth flow", "error", err, "identifier", identifier)

     

       243
       +
       			http.Error(w, fmt.Sprintf("failed to start OAuth flow: %v", err), http.StatusBadRequest)

     

       244
       +
       			return

     

       245
       +
       		}

     

       246
        
       	}

     

       247
        
       

     

       248
        
       	// Log OAuth flow initiation (sanitized - no full URL to avoid leaking state)

     
···

       257
        
       func (h *OAuthHandler) HandleMobileLogin(w http.ResponseWriter, r *http.Request) {

     

       258
        
       	ctx := r.Context()

     

       259
        
       

     

       260
       +
       	// DEV MODE: Redirect localhost to 127.0.0.1 for cookie consistency

     

       261
       +
       	// The OAuth callback URL uses 127.0.0.1 (per RFC 8252), so cookies must be set

     

       262
       +
       	// on 127.0.0.1. If user calls localhost, redirect to 127.0.0.1 first.

     

       263
       +
       	if h.client.Config.DevMode && strings.Contains(r.Host, "localhost") {

     

       264
       +
       		// Use the configured PublicURL host for consistency

     

       265
       +
       		redirectURL := h.client.Config.PublicURL + r.URL.RequestURI()

     

       266
       +
       		slog.Info("dev mode: redirecting localhost to PublicURL host for cookie consistency",

     

       267
       +
       			"from", r.Host, "to", h.client.Config.PublicURL)

     

       268
       +
       		http.Redirect(w, r, redirectURL, http.StatusFound)

     

       269
       +
       		return

     

       270
       +
       	}

     

       271
       +
       

     

       272
        
       	// Get handle or DID from query params

     

       273
        
       	identifier := r.URL.Query().Get("handle")

     

       274
        
       	if identifier == "" {

     
···

       322
        
       		RedirectURI: mobileRedirectURI,

     

       323
        
       	})

     

       324
        
       

     

       325
       +
       	var redirectURL string

     

       326
       +
       

     

       327
       +
       	// DEV MODE: Use custom OAuth flow that bypasses HTTPS validation

     

       328
       +
       	// This is needed because:

     

       329
       +
       	// 1. Local handles can't be resolved via DNS/HTTP well-known

     

       330
       +
       	// 2. Indigo's OAuth library requires HTTPS for auth servers

     

       331
       +
       	if h.devAuthResolver != nil {

     

       332
       +
       		slog.Info("dev mode: using localhost OAuth flow for mobile", "identifier", identifier)

     

       333
       +
       		redirectURL, err = h.devAuthResolver.StartDevAuthFlow(mobileCtx, h.client, identifier, h.client.ClientApp.Dir)

     

       334
       +
       		if err != nil {

     

       335
       +
       			slog.Error("dev mode: failed to start OAuth flow", "error", err, "identifier", identifier)

     

       336
       +
       			http.Error(w, fmt.Sprintf("failed to start OAuth flow: %v", err), http.StatusBadRequest)

     

       337
       +
       			return

     

       338
       +
       		}

     

       339
       +
       	} else {

     

       340
       +
       		// Production mode: use standard indigo OAuth flow

     

       341
       +
       		redirectURL, err = h.client.ClientApp.StartAuthFlow(mobileCtx, identifier)

     

       342
       +
       		if err != nil {

     

       343
       +
       			slog.Error("failed to start OAuth flow", "error", err, "identifier", identifier)

     

       344
       +
       			http.Error(w, fmt.Sprintf("failed to start OAuth flow: %v", err), http.StatusBadRequest)

     

       345
       +
       			return

     

       346
       +
       		}

     

       347
        
       	}

     

       348
        
       

     

       349
        
       	// Log mobile OAuth flow initiation (sanitized - no full URLs or sensitive params)

     
···

       446
        
       		// Check if the handle is the special "handle.invalid" value

     

       447
        
       		// This indicates that bidirectional verification failed (DID->handle->DID roundtrip failed)

     

       448
        
       		if ident.Handle.String() == "handle.invalid" {

     

       449
       +
       			// DEV MODE: For local handles, verify via PDS instead of DNS/HTTP

     

       450
       +
       			// Local handles like "user.local.coves.dev" can't be resolved via DNS

     

       451
       +
       			if h.devResolver != nil {

     

       452
       +
       				// Get the handle from DID document (alsoKnownAs)

     

       453
       +
       				declaredHandle := ""

     

       454
       +
       				if len(ident.AlsoKnownAs) > 0 {

     

       455
       +
       					// Extract handle from at:// URI

     

       456
       +
       					for _, aka := range ident.AlsoKnownAs {

     

       457
       +
       						if len(aka) > 5 && aka[:5] == "at://" {

     

       458
       +
       							declaredHandle = aka[5:]

     

       459
       +
       							break

     

       460
       +
       						}

     

       461
       +
       					}

     

       462
       +
       				}

     

       463
       +
       

     

       464
       +
       				if declaredHandle != "" {

     

       465
       +
       					// Verify handle via PDS

     

       466
       +
       					resolvedDID, err := h.devResolver.ResolveHandle(ctx, declaredHandle)

     

       467
       +
       					if err == nil && resolvedDID == sessData.AccountDID.String() {

     

       468
       +
       						slog.Info("OAuth callback successful (dev mode: handle verified via PDS)",

     

       469
       +
       							"did", sessData.AccountDID, "handle", declaredHandle)

     

       470
       +
       						goto handleVerificationPassed

     

       471
       +
       					}

     

       472
       +
       					slog.Warn("dev mode: PDS handle verification failed",

     

       473
       +
       						"did", sessData.AccountDID, "handle", declaredHandle,

     

       474
       +
       						"resolved_did", resolvedDID, "error", err)

     

       475
       +
       				}

     

       476
       +
       			}

     

       477
       +
       

     

       478
        
       			slog.Warn("OAuth callback: bidirectional handle verification failed",

     

       479
        
       				"did", sessData.AccountDID,

     

       480
        
       				"handle", "handle.invalid",

     
···

       492
        
       			"did", sessData.AccountDID)

     

       493
        
       		slog.Info("OAuth callback successful (no handle verification)", "did", sessData.AccountDID)

     

       494
        
       	}

     

       495
       +
       handleVerificationPassed:

     

       496
        
       

     

       497
        
       	// Check if this is a mobile callback (check for mobile_redirect_uri cookie)

     

       498
        
       	mobileRedirect, err := r.Cookie("mobile_redirect_uri")

+5 -1

scripts/dev-run.sh

···

       1
        
       #!/bin/bash

     

       2
        
       # Development server runner - loads .env.dev before starting

     

       0
        
       
     

       3
        
       

     

       4
        
       set -a  # automatically export all variables

     

       5
        
       source .env.dev

     
···

       9
        
       echo "   IS_DEV_ENV: $IS_DEV_ENV"

     

       10
        
       echo "   PLC_DIRECTORY_URL: $PLC_DIRECTORY_URL"

     

       11
        
       echo "   JETSTREAM_URL: $JETSTREAM_URL"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       12
        
       echo ""

     

       13
        
       

     

       14
       -
       go run ./cmd/server

···

       1
        
       #!/bin/bash

     

       2
        
       # Development server runner - loads .env.dev before starting

     

       3
       +
       # Uses -tags dev to include dev-only code (localhost OAuth resolvers, etc.)

     

       4
        
       

     

       5
        
       set -a  # automatically export all variables

     

       6
        
       source .env.dev

     
···

       10
        
       echo "   IS_DEV_ENV: $IS_DEV_ENV"

     

       11
        
       echo "   PLC_DIRECTORY_URL: $PLC_DIRECTORY_URL"

     

       12
        
       echo "   JETSTREAM_URL: $JETSTREAM_URL"

     

       13
       +
       echo "   APPVIEW_PUBLIC_URL: $APPVIEW_PUBLIC_URL"

     

       14
       +
       echo "   PDS_URL: $PDS_URL"

     

       15
       +
       echo "   Build tags: dev"

     

       16
        
       echo ""

     

       17
        
       

     

       18
       +
       go run -tags dev ./cmd/server

+125

internal/atproto/pds/factory.go

···

       1
       +
       package pds

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"context"

     

       5
       +
       	"fmt"

     

       6
       +
       	"net/http"

     

       7
       +
       

     

       8
       +
       	"github.com/bluesky-social/indigo/atproto/atclient"

     

       9
       +
       	"github.com/bluesky-social/indigo/atproto/auth/oauth"

     

       10
       +
       	"github.com/bluesky-social/indigo/atproto/syntax"

     

       11
       +
       )

     

       12
       +
       

     

       13
       +
       // NewFromOAuthSession creates a PDS client from an OAuth session.

     

       14
       +
       // This uses DPoP authentication - the correct method for OAuth tokens.

     

       15
       +
       //

     

       16
       +
       // The oauthClient is used to resume the session and get a properly configured

     

       17
       +
       // APIClient that handles DPoP proof generation and nonce rotation automatically.

     

       18
       +
       func NewFromOAuthSession(ctx context.Context, oauthClient *oauth.ClientApp, sessionData *oauth.ClientSessionData) (Client, error) {

     

       19
       +
       	if oauthClient == nil {

     

       20
       +
       		return nil, fmt.Errorf("oauthClient is required")

     

       21
       +
       	}

     

       22
       +
       	if sessionData == nil {

     

       23
       +
       		return nil, fmt.Errorf("sessionData is required")

     

       24
       +
       	}

     

       25
       +
       

     

       26
       +
       	// ResumeSession reconstructs the OAuth session with DPoP key

     

       27
       +
       	// and returns a ClientSession that can generate authenticated requests

     

       28
       +
       	sess, err := oauthClient.ResumeSession(ctx, sessionData.AccountDID, sessionData.SessionID)

     

       29
       +
       	if err != nil {

     

       30
       +
       		return nil, fmt.Errorf("failed to resume OAuth session: %w", err)

     

       31
       +
       	}

     

       32
       +
       

     

       33
       +
       	// APIClient() returns an *atclient.APIClient configured with DPoP auth

     

       34
       +
       	apiClient := sess.APIClient()

     

       35
       +
       

     

       36
       +
       	return &client{

     

       37
       +
       		apiClient: apiClient,

     

       38
       +
       		did:       sessionData.AccountDID.String(),

     

       39
       +
       		host:      sessionData.HostURL,

     

       40
       +
       	}, nil

     

       41
       +
       }

     

       42
       +
       

     

       43
       +
       // NewFromPasswordAuth creates a PDS client using password authentication.

     

       44
       +
       // This uses Bearer token authentication from com.atproto.server.createSession.

     

       45
       +
       //

     

       46
       +
       // Primarily used for:

     

       47
       +
       // - E2E tests with local PDS

     

       48
       +
       // - Development/debugging tools

     

       49
       +
       // - Non-OAuth clients

     

       50
       +
       //

     

       51
       +
       // Note: This establishes a new session with the PDS. For repeated calls,

     

       52
       +
       // consider using NewFromAccessToken if you already have a valid access token.

     

       53
       +
       func NewFromPasswordAuth(ctx context.Context, host, handle, password string) (Client, error) {

     

       54
       +
       	if host == "" {

     

       55
       +
       		return nil, fmt.Errorf("host is required")

     

       56
       +
       	}

     

       57
       +
       	if handle == "" {

     

       58
       +
       		return nil, fmt.Errorf("handle is required")

     

       59
       +
       	}

     

       60
       +
       	if password == "" {

     

       61
       +
       		return nil, fmt.Errorf("password is required")

     

       62
       +
       	}

     

       63
       +
       

     

       64
       +
       	// LoginWithPasswordHost creates a session and returns an authenticated APIClient

     

       65
       +
       	// This handles the createSession call and Bearer token setup

     

       66
       +
       	apiClient, err := atclient.LoginWithPasswordHost(ctx, host, handle, password, "", nil)

     

       67
       +
       	if err != nil {

     

       68
       +
       		return nil, fmt.Errorf("failed to login with password: %w", err)

     

       69
       +
       	}

     

       70
       +
       

     

       71
       +
       	// Get DID from the authenticated client

     

       72
       +
       	did := ""

     

       73
       +
       	if apiClient.AccountDID != nil {

     

       74
       +
       		did = apiClient.AccountDID.String()

     

       75
       +
       	}

     

       76
       +
       

     

       77
       +
       	return &client{

     

       78
       +
       		apiClient: apiClient,

     

       79
       +
       		did:       did,

     

       80
       +
       		host:      host,

     

       81
       +
       	}, nil

     

       82
       +
       }

     

       83
       +
       

     

       84
       +
       // NewFromAccessToken creates a PDS client from an existing access token.

     

       85
       +
       // This is useful when you already have a valid Bearer token (e.g., from createSession)

     

       86
       +
       // and don't want to re-authenticate.

     

       87
       +
       //

     

       88
       +
       // WARNING: This creates a client with Bearer auth only. Do NOT use this with

     

       89
       +
       // OAuth access tokens - those require DPoP proofs. Use NewFromOAuthSession instead.

     

       90
       +
       func NewFromAccessToken(host, did, accessToken string) (Client, error) {

     

       91
       +
       	if host == "" {

     

       92
       +
       		return nil, fmt.Errorf("host is required")

     

       93
       +
       	}

     

       94
       +
       	if did == "" {

     

       95
       +
       		return nil, fmt.Errorf("did is required")

     

       96
       +
       	}

     

       97
       +
       	if accessToken == "" {

     

       98
       +
       		return nil, fmt.Errorf("accessToken is required")

     

       99
       +
       	}

     

       100
       +
       

     

       101
       +
       	// Create APIClient with Bearer auth

     

       102
       +
       	apiClient := atclient.NewAPIClient(host)

     

       103
       +
       	apiClient.Auth = &bearerAuth{token: accessToken}

     

       104
       +
       

     

       105
       +
       	return &client{

     

       106
       +
       		apiClient: apiClient,

     

       107
       +
       		did:       did,

     

       108
       +
       		host:      host,

     

       109
       +
       	}, nil

     

       110
       +
       }

     

       111
       +
       

     

       112
       +
       // bearerAuth implements atclient.AuthMethod for simple Bearer token auth.

     

       113
       +
       // This is used for password-based sessions where DPoP is not required.

     

       114
       +
       type bearerAuth struct {

     

       115
       +
       	token string

     

       116
       +
       }

     

       117
       +
       

     

       118
       +
       // Ensure bearerAuth implements atclient.AuthMethod.

     

       119
       +
       var _ atclient.AuthMethod = (*bearerAuth)(nil)

     

       120
       +
       

     

       121
       +
       // DoWithAuth adds the Bearer token to the request and executes it.

     

       122
       +
       func (b *bearerAuth) DoWithAuth(c *http.Client, req *http.Request, _ syntax.NSID) (*http.Response, error) {

     

       123
       +
       	req.Header.Set("Authorization", "Bearer "+b.token)

     

       124
       +
       	return c.Do(req)

     

       125
       +
       }

+18

tests/integration/helpers.go

···

       3
        
       import (

     

       4
        
       	"Coves/internal/api/middleware"

     

       5
        
       	"Coves/internal/atproto/oauth"

     

       0
        
       
     

       6
        
       	"Coves/internal/core/users"

     

       0
        
       
     

       7
        
       	"bytes"

     

       8
        
       	"context"

     

       9
        
       	"database/sql"

     
···

       425
        
       	e.store.AddSessionWithPDS(did, sessionID, pdsAccessToken, pdsURL)

     

       426
        
       	return token

     

       427
        
       }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       3
        
       import (

     

       4
        
       	"Coves/internal/api/middleware"

     

       5
        
       	"Coves/internal/atproto/oauth"

     

       6
       +
       	"Coves/internal/atproto/pds"

     

       7
        
       	"Coves/internal/core/users"

     

       8
       +
       	"Coves/internal/core/votes"

     

       9
        
       	"bytes"

     

       10
        
       	"context"

     

       11
        
       	"database/sql"

     
···

       427
        
       	e.store.AddSessionWithPDS(did, sessionID, pdsAccessToken, pdsURL)

     

       428
        
       	return token

     

       429
        
       }

     

       430
       +
       

     

       431
       +
       // PasswordAuthPDSClientFactory creates a PDSClientFactory that uses password-based Bearer auth.

     

       432
       +
       // This is for E2E tests that use createSession instead of OAuth.

     

       433
       +
       // The factory extracts the access token and host URL from the session data.

     

       434
       +
       func PasswordAuthPDSClientFactory() votes.PDSClientFactory {

     

       435
       +
       	return func(ctx context.Context, session *oauthlib.ClientSessionData) (pds.Client, error) {

     

       436
       +
       		if session.AccessToken == "" {

     

       437
       +
       			return nil, fmt.Errorf("session has no access token")

     

       438
       +
       		}

     

       439
       +
       		if session.HostURL == "" {

     

       440
       +
       			return nil, fmt.Errorf("session has no host URL")

     

       441
       +
       		}

     

       442
       +
       

     

       443
       +
       		return pds.NewFromAccessToken(session.HostURL, session.AccountDID.String(), session.AccessToken)

     

       444
       +
       	}

     

       445
       +
       }

+267

cmd/reindex-votes/main.go

···

       1
       +
       // cmd/reindex-votes/main.go

     

       2
       +
       // Quick tool to reindex votes from PDS to AppView database

     

       3
       +
       package main

     

       4
       +
       

     

       5
       +
       import (

     

       6
       +
       	"context"

     

       7
       +
       	"database/sql"

     

       8
       +
       	"encoding/json"

     

       9
       +
       	"fmt"

     

       10
       +
       	"log"

     

       11
       +
       	"net/http"

     

       12
       +
       	"net/url"

     

       13
       +
       	"os"

     

       14
       +
       	"strings"

     

       15
       +
       	"time"

     

       16
       +
       

     

       17
       +
       	_ "github.com/lib/pq"

     

       18
       +
       )

     

       19
       +
       

     

       20
       +
       type ListRecordsResponse struct {

     

       21
       +
       	Records []Record `json:"records"`

     

       22
       +
       	Cursor  string   `json:"cursor"`

     

       23
       +
       }

     

       24
       +
       

     

       25
       +
       type Record struct {

     

       26
       +
       	URI   string                 `json:"uri"`

     

       27
       +
       	CID   string                 `json:"cid"`

     

       28
       +
       	Value map[string]interface{} `json:"value"`

     

       29
       +
       }

     

       30
       +
       

     

       31
       +
       func main() {

     

       32
       +
       	// Get config from env

     

       33
       +
       	dbURL := os.Getenv("DATABASE_URL")

     

       34
       +
       	if dbURL == "" {

     

       35
       +
       		dbURL = "postgres://dev_user:dev_password@localhost:5435/coves_dev?sslmode=disable"

     

       36
       +
       	}

     

       37
       +
       	pdsURL := os.Getenv("PDS_URL")

     

       38
       +
       	if pdsURL == "" {

     

       39
       +
       		pdsURL = "http://localhost:3001"

     

       40
       +
       	}

     

       41
       +
       

     

       42
       +
       	log.Printf("Connecting to database...")

     

       43
       +
       	db, err := sql.Open("postgres", dbURL)

     

       44
       +
       	if err != nil {

     

       45
       +
       		log.Fatalf("Failed to connect to database: %v", err)

     

       46
       +
       	}

     

       47
       +
       	defer db.Close()

     

       48
       +
       

     

       49
       +
       	ctx := context.Background()

     

       50
       +
       

     

       51
       +
       	// Get all accounts directly from the PDS

     

       52
       +
       	log.Printf("Fetching accounts from PDS (%s)...", pdsURL)

     

       53
       +
       	dids, err := fetchAllAccountsFromPDS(pdsURL)

     

       54
       +
       	if err != nil {

     

       55
       +
       		log.Fatalf("Failed to fetch accounts from PDS: %v", err)

     

       56
       +
       	}

     

       57
       +
       	log.Printf("Found %d accounts on PDS to check for votes", len(dids))

     

       58
       +
       

     

       59
       +
       	// Reset vote counts first

     

       60
       +
       	log.Printf("Resetting all vote counts...")

     

       61
       +
       	if _, err := db.ExecContext(ctx, "DELETE FROM votes"); err != nil {

     

       62
       +
       		log.Fatalf("Failed to clear votes table: %v", err)

     

       63
       +
       	}

     

       64
       +
       	if _, err := db.ExecContext(ctx, "UPDATE posts SET upvote_count = 0, downvote_count = 0, score = 0"); err != nil {

     

       65
       +
       		log.Fatalf("Failed to reset post vote counts: %v", err)

     

       66
       +
       	}

     

       67
       +
       	if _, err := db.ExecContext(ctx, "UPDATE comments SET upvote_count = 0, downvote_count = 0, score = 0"); err != nil {

     

       68
       +
       		log.Fatalf("Failed to reset comment vote counts: %v", err)

     

       69
       +
       	}

     

       70
       +
       

     

       71
       +
       	// For each user, fetch their votes from PDS

     

       72
       +
       	totalVotes := 0

     

       73
       +
       	for _, did := range dids {

     

       74
       +
       		votes, err := fetchVotesFromPDS(pdsURL, did)

     

       75
       +
       		if err != nil {

     

       76
       +
       			log.Printf("Warning: failed to fetch votes for %s: %v", did, err)

     

       77
       +
       			continue

     

       78
       +
       		}

     

       79
       +
       

     

       80
       +
       		if len(votes) == 0 {

     

       81
       +
       			continue

     

       82
       +
       		}

     

       83
       +
       

     

       84
       +
       		log.Printf("Found %d votes for %s", len(votes), did)

     

       85
       +
       

     

       86
       +
       		// Index each vote

     

       87
       +
       		for _, vote := range votes {

     

       88
       +
       			if err := indexVote(ctx, db, did, vote); err != nil {

     

       89
       +
       				log.Printf("Warning: failed to index vote %s: %v", vote.URI, err)

     

       90
       +
       				continue

     

       91
       +
       			}

     

       92
       +
       			totalVotes++

     

       93
       +
       		}

     

       94
       +
       	}

     

       95
       +
       

     

       96
       +
       	log.Printf("✓ Reindexed %d votes from PDS", totalVotes)

     

       97
       +
       }

     

       98
       +
       

     

       99
       +
       // fetchAllAccountsFromPDS queries the PDS sync API to get all repo DIDs

     

       100
       +
       func fetchAllAccountsFromPDS(pdsURL string) ([]string, error) {

     

       101
       +
       	// Use com.atproto.sync.listRepos to get all repos on this PDS

     

       102
       +
       	var allDIDs []string

     

       103
       +
       	cursor := ""

     

       104
       +
       

     

       105
       +
       	for {

     

       106
       +
       		reqURL := fmt.Sprintf("%s/xrpc/com.atproto.sync.listRepos?limit=100", pdsURL)

     

       107
       +
       		if cursor != "" {

     

       108
       +
       			reqURL += "&cursor=" + url.QueryEscape(cursor)

     

       109
       +
       		}

     

       110
       +
       

     

       111
       +
       		resp, err := http.Get(reqURL)

     

       112
       +
       		if err != nil {

     

       113
       +
       			return nil, fmt.Errorf("HTTP request failed: %w", err)

     

       114
       +
       		}

     

       115
       +
       		defer resp.Body.Close()

     

       116
       +
       

     

       117
       +
       		if resp.StatusCode != 200 {

     

       118
       +
       			return nil, fmt.Errorf("unexpected status code: %d", resp.StatusCode)

     

       119
       +
       		}

     

       120
       +
       

     

       121
       +
       		var result struct {

     

       122
       +
       			Repos []struct {

     

       123
       +
       				DID string `json:"did"`

     

       124
       +
       			} `json:"repos"`

     

       125
       +
       			Cursor string `json:"cursor"`

     

       126
       +
       		}

     

       127
       +
       		if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {

     

       128
       +
       			return nil, fmt.Errorf("failed to decode response: %w", err)

     

       129
       +
       		}

     

       130
       +
       

     

       131
       +
       		for _, repo := range result.Repos {

     

       132
       +
       			allDIDs = append(allDIDs, repo.DID)

     

       133
       +
       		}

     

       134
       +
       

     

       135
       +
       		if result.Cursor == "" {

     

       136
       +
       			break

     

       137
       +
       		}

     

       138
       +
       		cursor = result.Cursor

     

       139
       +
       	}

     

       140
       +
       

     

       141
       +
       	return allDIDs, nil

     

       142
       +
       }

     

       143
       +
       

     

       144
       +
       func fetchVotesFromPDS(pdsURL, did string) ([]Record, error) {

     

       145
       +
       	var allRecords []Record

     

       146
       +
       	cursor := ""

     

       147
       +
       	collection := "social.coves.feed.vote"

     

       148
       +
       

     

       149
       +
       	for {

     

       150
       +
       		reqURL := fmt.Sprintf("%s/xrpc/com.atproto.repo.listRecords?repo=%s&collection=%s&limit=100",

     

       151
       +
       			pdsURL, url.QueryEscape(did), url.QueryEscape(collection))

     

       152
       +
       		if cursor != "" {

     

       153
       +
       			reqURL += "&cursor=" + url.QueryEscape(cursor)

     

       154
       +
       		}

     

       155
       +
       

     

       156
       +
       		resp, err := http.Get(reqURL)

     

       157
       +
       		if err != nil {

     

       158
       +
       			return nil, fmt.Errorf("HTTP request failed: %w", err)

     

       159
       +
       		}

     

       160
       +
       		defer resp.Body.Close()

     

       161
       +
       

     

       162
       +
       		if resp.StatusCode == 400 {

     

       163
       +
       			// User doesn't exist on this PDS or has no records - that's OK

     

       164
       +
       			return nil, nil

     

       165
       +
       		}

     

       166
       +
       		if resp.StatusCode != 200 {

     

       167
       +
       			return nil, fmt.Errorf("unexpected status code: %d", resp.StatusCode)

     

       168
       +
       		}

     

       169
       +
       

     

       170
       +
       		var result ListRecordsResponse

     

       171
       +
       		if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {

     

       172
       +
       			return nil, fmt.Errorf("failed to decode response: %w", err)

     

       173
       +
       		}

     

       174
       +
       

     

       175
       +
       		allRecords = append(allRecords, result.Records...)

     

       176
       +
       

     

       177
       +
       		if result.Cursor == "" {

     

       178
       +
       			break

     

       179
       +
       		}

     

       180
       +
       		cursor = result.Cursor

     

       181
       +
       	}

     

       182
       +
       

     

       183
       +
       	return allRecords, nil

     

       184
       +
       }

     

       185
       +
       

     

       186
       +
       func indexVote(ctx context.Context, db *sql.DB, voterDID string, record Record) error {

     

       187
       +
       	// Extract vote data from record

     

       188
       +
       	subject, ok := record.Value["subject"].(map[string]interface{})

     

       189
       +
       	if !ok {

     

       190
       +
       		return fmt.Errorf("missing subject")

     

       191
       +
       	}

     

       192
       +
       	subjectURI, _ := subject["uri"].(string)

     

       193
       +
       	subjectCID, _ := subject["cid"].(string)

     

       194
       +
       	direction, _ := record.Value["direction"].(string)

     

       195
       +
       	createdAtStr, _ := record.Value["createdAt"].(string)

     

       196
       +
       

     

       197
       +
       	if subjectURI == "" || direction == "" {

     

       198
       +
       		return fmt.Errorf("invalid vote record: missing required fields")

     

       199
       +
       	}

     

       200
       +
       

     

       201
       +
       	// Parse created_at

     

       202
       +
       	createdAt, err := time.Parse(time.RFC3339, createdAtStr)

     

       203
       +
       	if err != nil {

     

       204
       +
       		createdAt = time.Now()

     

       205
       +
       	}

     

       206
       +
       

     

       207
       +
       	// Extract rkey from URI (at://did/collection/rkey)

     

       208
       +
       	parts := strings.Split(record.URI, "/")

     

       209
       +
       	if len(parts) < 5 {

     

       210
       +
       		return fmt.Errorf("invalid URI format: %s", record.URI)

     

       211
       +
       	}

     

       212
       +
       	rkey := parts[len(parts)-1]

     

       213
       +
       

     

       214
       +
       	// Start transaction

     

       215
       +
       	tx, err := db.BeginTx(ctx, nil)

     

       216
       +
       	if err != nil {

     

       217
       +
       		return fmt.Errorf("failed to begin transaction: %w", err)

     

       218
       +
       	}

     

       219
       +
       	defer tx.Rollback()

     

       220
       +
       

     

       221
       +
       	// Insert vote

     

       222
       +
       	_, err = tx.ExecContext(ctx, `

     

       223
       +
       		INSERT INTO votes (uri, cid, rkey, voter_did, subject_uri, subject_cid, direction, created_at, indexed_at)

     

       224
       +
       		VALUES ($1, $2, $3, $4, $5, $6, $7, $8, NOW())

     

       225
       +
       		ON CONFLICT (uri) DO NOTHING

     

       226
       +
       	`, record.URI, record.CID, rkey, voterDID, subjectURI, subjectCID, direction, createdAt)

     

       227
       +
       	if err != nil {

     

       228
       +
       		return fmt.Errorf("failed to insert vote: %w", err)

     

       229
       +
       	}

     

       230
       +
       

     

       231
       +
       	// Update post/comment counts

     

       232
       +
       	collection := extractCollectionFromURI(subjectURI)

     

       233
       +
       	var updateQuery string

     

       234
       +
       

     

       235
       +
       	switch collection {

     

       236
       +
       	case "social.coves.community.post":

     

       237
       +
       		if direction == "up" {

     

       238
       +
       			updateQuery = `UPDATE posts SET upvote_count = upvote_count + 1, score = upvote_count + 1 - downvote_count WHERE uri = $1 AND deleted_at IS NULL`

     

       239
       +
       		} else {

     

       240
       +
       			updateQuery = `UPDATE posts SET downvote_count = downvote_count + 1, score = upvote_count - (downvote_count + 1) WHERE uri = $1 AND deleted_at IS NULL`

     

       241
       +
       		}

     

       242
       +
       	case "social.coves.community.comment":

     

       243
       +
       		if direction == "up" {

     

       244
       +
       			updateQuery = `UPDATE comments SET upvote_count = upvote_count + 1, score = upvote_count + 1 - downvote_count WHERE uri = $1 AND deleted_at IS NULL`

     

       245
       +
       		} else {

     

       246
       +
       			updateQuery = `UPDATE comments SET downvote_count = downvote_count + 1, score = upvote_count - (downvote_count + 1) WHERE uri = $1 AND deleted_at IS NULL`

     

       247
       +
       		}

     

       248
       +
       	default:

     

       249
       +
       		// Unknown collection, just index the vote

     

       250
       +
       		return tx.Commit()

     

       251
       +
       	}

     

       252
       +
       

     

       253
       +
       	if _, err := tx.ExecContext(ctx, updateQuery, subjectURI); err != nil {

     

       254
       +
       		return fmt.Errorf("failed to update vote counts: %w", err)

     

       255
       +
       	}

     

       256
       +
       

     

       257
       +
       	return tx.Commit()

     

       258
       +
       }

     

       259
       +
       

     

       260
       +
       func extractCollectionFromURI(uri string) string {

     

       261
       +
       	// at://did:plc:xxx/social.coves.community.post/rkey

     

       262
       +
       	parts := strings.Split(uri, "/")

     

       263
       +
       	if len(parts) >= 4 {

     

       264
       +
       		return parts[3]

     

       265
       +
       	}

     

       266
       +
       	return ""

     

       267
       +
       }

+7 -5

internal/api/routes/communityFeed.go

···

       2
        
       

     

       3
        
       import (

     

       4
        
       	"Coves/internal/api/handlers/communityFeed"

     

       0
        
       
     

       5
        
       	"Coves/internal/core/communityFeeds"

     

       0
        
       
     

       6
        
       

     

       7
        
       	"github.com/go-chi/chi/v5"

     

       8
        
       )

     
···

       11
        
       func RegisterCommunityFeedRoutes(

     

       12
        
       	r chi.Router,

     

       13
        
       	feedService communityFeeds.Service,

     

       0
        
       
     

       0
        
       
     

       14
        
       ) {

     

       15
        
       	// Create handlers

     

       16
       -
       	getCommunityHandler := communityFeed.NewGetCommunityHandler(feedService)

     

       17
        
       

     

       18
        
       	// GET /xrpc/social.coves.communityFeed.getCommunity

     

       19
       -
       	// Public endpoint - basic community sorting only for Alpha

     

       20
       -
       	// TODO(feed-generator): Add OptionalAuth middleware when implementing viewer-specific state

     

       21
       -
       	//                       (blocks, upvotes, saves, etc.) in feed generator skeleton

     

       22
       -
       	r.Get("/xrpc/social.coves.communityFeed.getCommunity", getCommunityHandler.HandleGetCommunity)

     

       23
        
       }

···

       2
        
       

     

       3
        
       import (

     

       4
        
       	"Coves/internal/api/handlers/communityFeed"

     

       5
       +
       	"Coves/internal/api/middleware"

     

       6
        
       	"Coves/internal/core/communityFeeds"

     

       7
       +
       	"Coves/internal/core/votes"

     

       8
        
       

     

       9
        
       	"github.com/go-chi/chi/v5"

     

       10
        
       )

     
···

       13
        
       func RegisterCommunityFeedRoutes(

     

       14
        
       	r chi.Router,

     

       15
        
       	feedService communityFeeds.Service,

     

       16
       +
       	voteService votes.Service,

     

       17
       +
       	authMiddleware *middleware.OAuthAuthMiddleware,

     

       18
        
       ) {

     

       19
        
       	// Create handlers

     

       20
       +
       	getCommunityHandler := communityFeed.NewGetCommunityHandler(feedService, voteService)

     

       21
        
       

     

       22
        
       	// GET /xrpc/social.coves.communityFeed.getCommunity

     

       23
       +
       	// Public endpoint with optional auth for viewer-specific state (vote state)

     

       24
       +
       	r.With(authMiddleware.OptionalAuth).Get("/xrpc/social.coves.communityFeed.getCommunity", getCommunityHandler.HandleGetCommunity)

     

       0
        
       
     

       0
        
       
     

       25
        
       }

+3 -1

internal/api/routes/timeline.go

···

       4
        
       	"Coves/internal/api/handlers/timeline"

     

       5
        
       	"Coves/internal/api/middleware"

     

       6
        
       	timelineCore "Coves/internal/core/timeline"

     

       0
        
       
     

       7
        
       

     

       8
        
       	"github.com/go-chi/chi/v5"

     

       9
        
       )

     
···

       12
        
       func RegisterTimelineRoutes(

     

       13
        
       	r chi.Router,

     

       14
        
       	timelineService timelineCore.Service,

     

       0
        
       
     

       15
        
       	authMiddleware *middleware.OAuthAuthMiddleware,

     

       16
        
       ) {

     

       17
        
       	// Create handlers

     

       18
       -
       	getTimelineHandler := timeline.NewGetTimelineHandler(timelineService)

     

       19
        
       

     

       20
        
       	// GET /xrpc/social.coves.feed.getTimeline

     

       21
        
       	// Requires authentication - user must be logged in to see their timeline

···

       4
        
       	"Coves/internal/api/handlers/timeline"

     

       5
        
       	"Coves/internal/api/middleware"

     

       6
        
       	timelineCore "Coves/internal/core/timeline"

     

       7
       +
       	"Coves/internal/core/votes"

     

       8
        
       

     

       9
        
       	"github.com/go-chi/chi/v5"

     

       10
        
       )

     
···

       13
        
       func RegisterTimelineRoutes(

     

       14
        
       	r chi.Router,

     

       15
        
       	timelineService timelineCore.Service,

     

       16
       +
       	voteService votes.Service,

     

       17
        
       	authMiddleware *middleware.OAuthAuthMiddleware,

     

       18
        
       ) {

     

       19
        
       	// Create handlers

     

       20
       +
       	getTimelineHandler := timeline.NewGetTimelineHandler(timelineService, voteService)

     

       21
        
       

     

       22
        
       	// GET /xrpc/social.coves.feed.getTimeline

     

       23
        
       	// Requires authentication - user must be logged in to see their timeline

+221

internal/core/votes/cache.go

···

       1
       +
       package votes

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"context"

     

       5
       +
       	"fmt"

     

       6
       +
       	"log/slog"

     

       7
       +
       	"strings"

     

       8
       +
       	"sync"

     

       9
       +
       	"time"

     

       10
       +
       

     

       11
       +
       	"Coves/internal/atproto/pds"

     

       12
       +
       )

     

       13
       +
       

     

       14
       +
       // CachedVote represents a vote stored in the cache

     

       15
       +
       type CachedVote struct {

     

       16
       +
       	Direction string // "up" or "down"

     

       17
       +
       	URI       string // vote record URI (at://did/collection/rkey)

     

       18
       +
       	RKey      string // record key

     

       19
       +
       }

     

       20
       +
       

     

       21
       +
       // VoteCache provides an in-memory cache of user votes fetched from their PDS.

     

       22
       +
       // This avoids eventual consistency issues with the AppView database.

     

       23
       +
       type VoteCache struct {

     

       24
       +
       	mu     sync.RWMutex

     

       25
       +
       	votes  map[string]map[string]*CachedVote // userDID -> subjectURI -> vote

     

       26
       +
       	expiry map[string]time.Time              // userDID -> expiry time

     

       27
       +
       	ttl    time.Duration

     

       28
       +
       	logger *slog.Logger

     

       29
       +
       }

     

       30
       +
       

     

       31
       +
       // NewVoteCache creates a new vote cache with the specified TTL

     

       32
       +
       func NewVoteCache(ttl time.Duration, logger *slog.Logger) *VoteCache {

     

       33
       +
       	if logger == nil {

     

       34
       +
       		logger = slog.Default()

     

       35
       +
       	}

     

       36
       +
       	return &VoteCache{

     

       37
       +
       		votes:  make(map[string]map[string]*CachedVote),

     

       38
       +
       		expiry: make(map[string]time.Time),

     

       39
       +
       		ttl:    ttl,

     

       40
       +
       		logger: logger,

     

       41
       +
       	}

     

       42
       +
       }

     

       43
       +
       

     

       44
       +
       // GetVotesForUser returns all cached votes for a user.

     

       45
       +
       // Returns nil if cache is empty or expired for this user.

     

       46
       +
       func (c *VoteCache) GetVotesForUser(userDID string) map[string]*CachedVote {

     

       47
       +
       	c.mu.RLock()

     

       48
       +
       	defer c.mu.RUnlock()

     

       49
       +
       

     

       50
       +
       	// Check if cache exists and is not expired

     

       51
       +
       	expiry, exists := c.expiry[userDID]

     

       52
       +
       	if !exists || time.Now().After(expiry) {

     

       53
       +
       		return nil

     

       54
       +
       	}

     

       55
       +
       

     

       56
       +
       	return c.votes[userDID]

     

       57
       +
       }

     

       58
       +
       

     

       59
       +
       // GetVote returns the cached vote for a specific subject, or nil if not found/expired

     

       60
       +
       func (c *VoteCache) GetVote(userDID, subjectURI string) *CachedVote {

     

       61
       +
       	votes := c.GetVotesForUser(userDID)

     

       62
       +
       	if votes == nil {

     

       63
       +
       		return nil

     

       64
       +
       	}

     

       65
       +
       	return votes[subjectURI]

     

       66
       +
       }

     

       67
       +
       

     

       68
       +
       // IsCached returns true if the user's votes are cached and not expired

     

       69
       +
       func (c *VoteCache) IsCached(userDID string) bool {

     

       70
       +
       	c.mu.RLock()

     

       71
       +
       	defer c.mu.RUnlock()

     

       72
       +
       

     

       73
       +
       	expiry, exists := c.expiry[userDID]

     

       74
       +
       	return exists && time.Now().Before(expiry)

     

       75
       +
       }

     

       76
       +
       

     

       77
       +
       // SetVotesForUser replaces all cached votes for a user

     

       78
       +
       func (c *VoteCache) SetVotesForUser(userDID string, votes map[string]*CachedVote) {

     

       79
       +
       	c.mu.Lock()

     

       80
       +
       	defer c.mu.Unlock()

     

       81
       +
       

     

       82
       +
       	c.votes[userDID] = votes

     

       83
       +
       	c.expiry[userDID] = time.Now().Add(c.ttl)

     

       84
       +
       

     

       85
       +
       	c.logger.Debug("vote cache updated",

     

       86
       +
       		"user", userDID,

     

       87
       +
       		"vote_count", len(votes),

     

       88
       +
       		"expires_at", c.expiry[userDID])

     

       89
       +
       }

     

       90
       +
       

     

       91
       +
       // SetVote adds or updates a single vote in the cache

     

       92
       +
       func (c *VoteCache) SetVote(userDID, subjectURI string, vote *CachedVote) {

     

       93
       +
       	c.mu.Lock()

     

       94
       +
       	defer c.mu.Unlock()

     

       95
       +
       

     

       96
       +
       	if c.votes[userDID] == nil {

     

       97
       +
       		c.votes[userDID] = make(map[string]*CachedVote)

     

       98
       +
       	}

     

       99
       +
       

     

       100
       +
       	c.votes[userDID][subjectURI] = vote

     

       101
       +
       

     

       102
       +
       	// Always extend expiry on vote action - active users keep their cache fresh

     

       103
       +
       	c.expiry[userDID] = time.Now().Add(c.ttl)

     

       104
       +
       

     

       105
       +
       	c.logger.Debug("vote cached",

     

       106
       +
       		"user", userDID,

     

       107
       +
       		"subject", subjectURI,

     

       108
       +
       		"direction", vote.Direction)

     

       109
       +
       }

     

       110
       +
       

     

       111
       +
       // RemoveVote removes a vote from the cache (for toggle-off)

     

       112
       +
       func (c *VoteCache) RemoveVote(userDID, subjectURI string) {

     

       113
       +
       	c.mu.Lock()

     

       114
       +
       	defer c.mu.Unlock()

     

       115
       +
       

     

       116
       +
       	if c.votes[userDID] != nil {

     

       117
       +
       		delete(c.votes[userDID], subjectURI)

     

       118
       +
       

     

       119
       +
       		// Extend expiry on vote action - active users keep their cache fresh

     

       120
       +
       		c.expiry[userDID] = time.Now().Add(c.ttl)

     

       121
       +
       

     

       122
       +
       		c.logger.Debug("vote removed from cache",

     

       123
       +
       			"user", userDID,

     

       124
       +
       			"subject", subjectURI)

     

       125
       +
       	}

     

       126
       +
       }

     

       127
       +
       

     

       128
       +
       // Invalidate removes all cached votes for a user

     

       129
       +
       func (c *VoteCache) Invalidate(userDID string) {

     

       130
       +
       	c.mu.Lock()

     

       131
       +
       	defer c.mu.Unlock()

     

       132
       +
       

     

       133
       +
       	delete(c.votes, userDID)

     

       134
       +
       	delete(c.expiry, userDID)

     

       135
       +
       

     

       136
       +
       	c.logger.Debug("vote cache invalidated", "user", userDID)

     

       137
       +
       }

     

       138
       +
       

     

       139
       +
       // FetchAndCacheFromPDS fetches all votes from the user's PDS and caches them.

     

       140
       +
       // This should be called on first authenticated request or when cache is expired.

     

       141
       +
       func (c *VoteCache) FetchAndCacheFromPDS(ctx context.Context, pdsClient pds.Client) error {

     

       142
       +
       	userDID := pdsClient.DID()

     

       143
       +
       

     

       144
       +
       	c.logger.Debug("fetching votes from PDS",

     

       145
       +
       		"user", userDID,

     

       146
       +
       		"pds", pdsClient.HostURL())

     

       147
       +
       

     

       148
       +
       	votes, err := c.fetchAllVotesFromPDS(ctx, pdsClient)

     

       149
       +
       	if err != nil {

     

       150
       +
       		return fmt.Errorf("failed to fetch votes from PDS: %w", err)

     

       151
       +
       	}

     

       152
       +
       

     

       153
       +
       	c.SetVotesForUser(userDID, votes)

     

       154
       +
       

     

       155
       +
       	c.logger.Info("vote cache populated from PDS",

     

       156
       +
       		"user", userDID,

     

       157
       +
       		"vote_count", len(votes))

     

       158
       +
       

     

       159
       +
       	return nil

     

       160
       +
       }

     

       161
       +
       

     

       162
       +
       // fetchAllVotesFromPDS paginates through all vote records on the user's PDS

     

       163
       +
       func (c *VoteCache) fetchAllVotesFromPDS(ctx context.Context, pdsClient pds.Client) (map[string]*CachedVote, error) {

     

       164
       +
       	votes := make(map[string]*CachedVote)

     

       165
       +
       	cursor := ""

     

       166
       +
       	const pageSize = 100

     

       167
       +
       	const collection = "social.coves.feed.vote"

     

       168
       +
       

     

       169
       +
       	for {

     

       170
       +
       		result, err := pdsClient.ListRecords(ctx, collection, pageSize, cursor)

     

       171
       +
       		if err != nil {

     

       172
       +
       			if pds.IsAuthError(err) {

     

       173
       +
       				return nil, ErrNotAuthorized

     

       174
       +
       			}

     

       175
       +
       			return nil, fmt.Errorf("listRecords failed: %w", err)

     

       176
       +
       		}

     

       177
       +
       

     

       178
       +
       		for _, rec := range result.Records {

     

       179
       +
       			// Extract subject from record value

     

       180
       +
       			subject, ok := rec.Value["subject"].(map[string]any)

     

       181
       +
       			if !ok {

     

       182
       +
       				continue

     

       183
       +
       			}

     

       184
       +
       

     

       185
       +
       			subjectURI, ok := subject["uri"].(string)

     

       186
       +
       			if !ok || subjectURI == "" {

     

       187
       +
       				continue

     

       188
       +
       			}

     

       189
       +
       

     

       190
       +
       			direction, _ := rec.Value["direction"].(string)

     

       191
       +
       			if direction == "" {

     

       192
       +
       				continue

     

       193
       +
       			}

     

       194
       +
       

     

       195
       +
       			// Extract rkey from URI

     

       196
       +
       			rkey := extractRKeyFromURI(rec.URI)

     

       197
       +
       

     

       198
       +
       			votes[subjectURI] = &CachedVote{

     

       199
       +
       				Direction: direction,

     

       200
       +
       				URI:       rec.URI,

     

       201
       +
       				RKey:      rkey,

     

       202
       +
       			}

     

       203
       +
       		}

     

       204
       +
       

     

       205
       +
       		if result.Cursor == "" {

     

       206
       +
       			break

     

       207
       +
       		}

     

       208
       +
       		cursor = result.Cursor

     

       209
       +
       	}

     

       210
       +
       

     

       211
       +
       	return votes, nil

     

       212
       +
       }

     

       213
       +
       

     

       214
       +
       // extractRKeyFromURI extracts the rkey from an AT-URI (at://did/collection/rkey)

     

       215
       +
       func extractRKeyFromURI(uri string) string {

     

       216
       +
       	parts := strings.Split(uri, "/")

     

       217
       +
       	if len(parts) >= 5 {

     

       218
       +
       		return parts[len(parts)-1]

     

       219
       +
       	}

     

       220
       +
       	return ""

     

       221
       +
       }

+84 -2

internal/core/votes/service_impl.go

···

       30
        
       	oauthStore       oauth.ClientAuthStore

     

       31
        
       	logger           *slog.Logger

     

       32
        
       	pdsClientFactory PDSClientFactory // Optional, for testing. If nil, uses OAuth.

     

       0
        
       
     

       33
        
       }

     

       34
        
       

     

       35
        
       // NewService creates a new vote service instance

     

       36
       -
       func NewService(repo Repository, oauthClient *oauthclient.OAuthClient, oauthStore oauth.ClientAuthStore, logger *slog.Logger) Service {

     

       37
        
       	if logger == nil {

     

       38
        
       		logger = slog.Default()

     

       39
        
       	}

     
···

       41
        
       		repo:        repo,

     

       42
        
       		oauthClient: oauthClient,

     

       43
        
       		oauthStore:  oauthStore,

     

       0
        
       
     

       44
        
       		logger:      logger,

     

       45
        
       	}

     

       46
        
       }

     

       47
        
       

     

       48
        
       // NewServiceWithPDSFactory creates a vote service with a custom PDS client factory.

     

       49
        
       // This is primarily for testing with password-based authentication.

     

       50
       -
       func NewServiceWithPDSFactory(repo Repository, logger *slog.Logger, factory PDSClientFactory) Service {

     

       51
        
       	if logger == nil {

     

       52
        
       		logger = slog.Default()

     

       53
        
       	}

     

       54
        
       	return &voteService{

     

       55
        
       		repo:             repo,

     

       0
        
       
     

       56
        
       		logger:           logger,

     

       57
        
       		pdsClientFactory: factory,

     

       58
        
       	}

     
···

       150
        
       				"subject", req.Subject.URI,

     

       151
        
       				"direction", req.Direction)

     

       152
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       153
        
       			// Return empty response to indicate deletion

     

       154
        
       			return &CreateVoteResponse{

     

       155
        
       				URI: "",

     
···

       197
        
       		"uri", uri,

     

       198
        
       		"cid", cid)

     

       199
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       200
        
       	return &CreateVoteResponse{

     

       201
        
       		URI: uri,

     

       202
        
       		CID: cid,

     
···

       253
        
       		"subject", req.Subject.URI,

     

       254
        
       		"uri", existing.URI)

     

       255
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       256
        
       	return nil

     

       257
        
       }

     

       258
        
       

     
···

       350
        
       	// No vote found for this subject after checking all pages

     

       351
        
       	return nil, nil

     

       352
        
       }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       30
        
       	oauthStore       oauth.ClientAuthStore

     

       31
        
       	logger           *slog.Logger

     

       32
        
       	pdsClientFactory PDSClientFactory // Optional, for testing. If nil, uses OAuth.

     

       33
       +
       	cache            *VoteCache       // In-memory cache of user votes from PDS

     

       34
        
       }

     

       35
        
       

     

       36
        
       // NewService creates a new vote service instance

     

       37
       +
       func NewService(repo Repository, oauthClient *oauthclient.OAuthClient, oauthStore oauth.ClientAuthStore, cache *VoteCache, logger *slog.Logger) Service {

     

       38
        
       	if logger == nil {

     

       39
        
       		logger = slog.Default()

     

       40
        
       	}

     
···

       42
        
       		repo:        repo,

     

       43
        
       		oauthClient: oauthClient,

     

       44
        
       		oauthStore:  oauthStore,

     

       45
       +
       		cache:       cache,

     

       46
        
       		logger:      logger,

     

       47
        
       	}

     

       48
        
       }

     

       49
        
       

     

       50
        
       // NewServiceWithPDSFactory creates a vote service with a custom PDS client factory.

     

       51
        
       // This is primarily for testing with password-based authentication.

     

       52
       +
       func NewServiceWithPDSFactory(repo Repository, cache *VoteCache, logger *slog.Logger, factory PDSClientFactory) Service {

     

       53
        
       	if logger == nil {

     

       54
        
       		logger = slog.Default()

     

       55
        
       	}

     

       56
        
       	return &voteService{

     

       57
        
       		repo:             repo,

     

       58
       +
       		cache:            cache,

     

       59
        
       		logger:           logger,

     

       60
        
       		pdsClientFactory: factory,

     

       61
        
       	}

     
···

       153
        
       				"subject", req.Subject.URI,

     

       154
        
       				"direction", req.Direction)

     

       155
        
       

     

       156
       +
       			// Update cache - remove the vote

     

       157
       +
       			if s.cache != nil {

     

       158
       +
       				s.cache.RemoveVote(session.AccountDID.String(), req.Subject.URI)

     

       159
       +
       			}

     

       160
       +
       

     

       161
        
       			// Return empty response to indicate deletion

     

       162
        
       			return &CreateVoteResponse{

     

       163
        
       				URI: "",

     
···

       205
        
       		"uri", uri,

     

       206
        
       		"cid", cid)

     

       207
        
       

     

       208
       +
       	// Update cache - add the new vote

     

       209
       +
       	if s.cache != nil {

     

       210
       +
       		s.cache.SetVote(session.AccountDID.String(), req.Subject.URI, &CachedVote{

     

       211
       +
       			Direction: req.Direction,

     

       212
       +
       			URI:       uri,

     

       213
       +
       			RKey:      extractRKeyFromURI(uri),

     

       214
       +
       		})

     

       215
       +
       	}

     

       216
       +
       

     

       217
        
       	return &CreateVoteResponse{

     

       218
        
       		URI: uri,

     

       219
        
       		CID: cid,

     
···

       270
        
       		"subject", req.Subject.URI,

     

       271
        
       		"uri", existing.URI)

     

       272
        
       

     

       273
       +
       	// Update cache - remove the vote

     

       274
       +
       	if s.cache != nil {

     

       275
       +
       		s.cache.RemoveVote(session.AccountDID.String(), req.Subject.URI)

     

       276
       +
       	}

     

       277
       +
       

     

       278
        
       	return nil

     

       279
        
       }

     

       280
        
       

     
···

       372
        
       	// No vote found for this subject after checking all pages

     

       373
        
       	return nil, nil

     

       374
        
       }

     

       375
       +
       

     

       376
       +
       // EnsureCachePopulated fetches the user's votes from their PDS if not already cached.

     

       377
       +
       func (s *voteService) EnsureCachePopulated(ctx context.Context, session *oauth.ClientSessionData) error {

     

       378
       +
       	if s.cache == nil {

     

       379
       +
       		return nil // No cache configured

     

       380
       +
       	}

     

       381
       +
       

     

       382
       +
       	// Check if already cached

     

       383
       +
       	if s.cache.IsCached(session.AccountDID.String()) {

     

       384
       +
       		return nil

     

       385
       +
       	}

     

       386
       +
       

     

       387
       +
       	// Create PDS client for this session

     

       388
       +
       	pdsClient, err := s.getPDSClient(ctx, session)

     

       389
       +
       	if err != nil {

     

       390
       +
       		s.logger.Error("failed to create PDS client for cache population",

     

       391
       +
       			"error", err,

     

       392
       +
       			"user", session.AccountDID)

     

       393
       +
       		return fmt.Errorf("failed to create PDS client: %w", err)

     

       394
       +
       	}

     

       395
       +
       

     

       396
       +
       	// Fetch and cache votes from PDS

     

       397
       +
       	if err := s.cache.FetchAndCacheFromPDS(ctx, pdsClient); err != nil {

     

       398
       +
       		s.logger.Error("failed to populate vote cache from PDS",

     

       399
       +
       			"error", err,

     

       400
       +
       			"user", session.AccountDID)

     

       401
       +
       		return fmt.Errorf("failed to populate vote cache: %w", err)

     

       402
       +
       	}

     

       403
       +
       

     

       404
       +
       	return nil

     

       405
       +
       }

     

       406
       +
       

     

       407
       +
       // GetViewerVote returns the viewer's vote for a specific subject, or nil if not voted.

     

       408
       +
       func (s *voteService) GetViewerVote(userDID, subjectURI string) *CachedVote {

     

       409
       +
       	if s.cache == nil {

     

       410
       +
       		return nil

     

       411
       +
       	}

     

       412
       +
       	return s.cache.GetVote(userDID, subjectURI)

     

       413
       +
       }

     

       414
       +
       

     

       415
       +
       // GetViewerVotesForSubjects returns the viewer's votes for multiple subjects.

     

       416
       +
       func (s *voteService) GetViewerVotesForSubjects(userDID string, subjectURIs []string) map[string]*CachedVote {

     

       417
       +
       	result := make(map[string]*CachedVote)

     

       418
       +
       	if s.cache == nil {

     

       419
       +
       		return result

     

       420
       +
       	}

     

       421
       +
       

     

       422
       +
       	allVotes := s.cache.GetVotesForUser(userDID)

     

       423
       +
       	if allVotes == nil {

     

       424
       +
       		return result

     

       425
       +
       	}

     

       426
       +
       

     

       427
       +
       	for _, uri := range subjectURIs {

     

       428
       +
       		if vote, exists := allVotes[uri]; exists {

     

       429
       +
       			result[uri] = vote

     

       430
       +
       		}

     

       431
       +
       	}

     

       432
       +
       

     

       433
       +
       	return result

     

       434
       +
       }

+76 -16

internal/atproto/jetstream/vote_consumer.go

···

       99
        
       	}

     

       100
        
       

     

       101
        
       	// Atomically: Index vote + Update post counts

     

       102
       -
       	if err := c.indexVoteAndUpdateCounts(ctx, vote); err != nil {

     

       0
        
       
     

       103
        
       		return fmt.Errorf("failed to index vote and update counts: %w", err)

     

       104
        
       	}

     

       105
        
       

     

       106
       -
       	log.Printf("✓ Indexed vote: %s (%s on %s)", uri, vote.Direction, vote.SubjectURI)

     

       0
        
       
     

       0
        
       
     

       107
        
       	return nil

     

       108
        
       }

     

       109
        
       

     
···

       133
        
       }

     

       134
        
       

     

       135
        
       // indexVoteAndUpdateCounts atomically indexes a vote and updates post vote counts

     

       136
       -
       func (c *VoteEventConsumer) indexVoteAndUpdateCounts(ctx context.Context, vote *votes.Vote) error {

     

       0
        
       
     

       137
        
       	tx, err := c.db.BeginTx(ctx, nil)

     

       138
        
       	if err != nil {

     

       139
       -
       		return fmt.Errorf("failed to begin transaction: %w", err)

     

       140
        
       	}

     

       141
        
       	defer func() {

     

       142
        
       		if rollbackErr := tx.Rollback(); rollbackErr != nil && rollbackErr != sql.ErrTxDone {

     
···

       144
        
       		}

     

       145
        
       	}()

     

       146
        
       

     

       147
       -
       	// 1. Index the vote (idempotent with ON CONFLICT DO NOTHING)

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       148
        
       	query := `

     

       149
        
       		INSERT INTO votes (

     

       150
        
       			uri, cid, rkey, voter_did,

     
···

       169
        
       

     

       170
        
       	// If no rows returned, vote already exists (idempotent - OK for Jetstream replays)

     

       171
        
       	if err == sql.ErrNoRows {

     

       172
       -
       		log.Printf("Vote already indexed: %s (idempotent)", vote.URI)

     

       173
        
       		if commitErr := tx.Commit(); commitErr != nil {

     

       174
       -
       			return fmt.Errorf("failed to commit transaction: %w", commitErr)

     

       175
        
       		}

     

       176
       -
       		return nil

     

       177
        
       	}

     

       178
        
       

     

       179
        
       	if err != nil {

     

       180
       -
       		return fmt.Errorf("failed to insert vote: %w", err)

     

       181
        
       	}

     

       182
        
       

     

       183
       -
       	// 2. Update vote counts on the subject (post or comment)

     

       184
        
       	// Parse collection from subject URI to determine target table

     

       185
        
       	collection := utils.ExtractCollectionFromURI(vote.SubjectURI)

     

       186
        
       

     
···

       227
        
       		// Vote is still indexed in votes table, we just don't update denormalized counts

     

       228
        
       		log.Printf("Vote subject has unsupported collection: %s (vote indexed, counts not updated)", collection)

     

       229
        
       		if commitErr := tx.Commit(); commitErr != nil {

     

       230
       -
       			return fmt.Errorf("failed to commit transaction: %w", commitErr)

     

       231
        
       		}

     

       232
       -
       		return nil

     

       233
        
       	}

     

       234
        
       

     

       235
        
       	result, err := tx.ExecContext(ctx, updateQuery, vote.SubjectURI)

     

       236
        
       	if err != nil {

     

       237
       -
       		return fmt.Errorf("failed to update vote counts: %w", err)

     

       238
        
       	}

     

       239
        
       

     

       240
        
       	rowsAffected, err := result.RowsAffected()

     

       241
        
       	if err != nil {

     

       242
       -
       		return fmt.Errorf("failed to check update result: %w", err)

     

       243
        
       	}

     

       244
        
       

     

       245
        
       	// If subject doesn't exist or is deleted, that's OK (vote still indexed)

     
···

       249
        
       

     

       250
        
       	// Commit transaction

     

       251
        
       	if err := tx.Commit(); err != nil {

     

       252
       -
       		return fmt.Errorf("failed to commit transaction: %w", err)

     

       253
        
       	}

     

       254
        
       

     

       255
       -
       	return nil

     

       256
        
       }

     

       257
        
       

     

       258
        
       // deleteVoteAndUpdateCounts atomically soft-deletes a vote and updates post vote counts

···

       99
        
       	}

     

       100
        
       

     

       101
        
       	// Atomically: Index vote + Update post counts

     

       102
       +
       	wasNew, err := c.indexVoteAndUpdateCounts(ctx, vote)

     

       103
       +
       	if err != nil {

     

       104
        
       		return fmt.Errorf("failed to index vote and update counts: %w", err)

     

       105
        
       	}

     

       106
        
       

     

       107
       +
       	if wasNew {

     

       108
       +
       		log.Printf("✓ Indexed vote: %s (%s on %s)", uri, vote.Direction, vote.SubjectURI)

     

       109
       +
       	}

     

       110
        
       	return nil

     

       111
        
       }

     

       112
        
       

     
···

       136
        
       }

     

       137
        
       

     

       138
        
       // indexVoteAndUpdateCounts atomically indexes a vote and updates post vote counts

     

       139
       +
       // Returns (true, nil) if vote was newly inserted, (false, nil) if already existed (idempotent)

     

       140
       +
       func (c *VoteEventConsumer) indexVoteAndUpdateCounts(ctx context.Context, vote *votes.Vote) (bool, error) {

     

       141
        
       	tx, err := c.db.BeginTx(ctx, nil)

     

       142
        
       	if err != nil {

     

       143
       +
       		return false, fmt.Errorf("failed to begin transaction: %w", err)

     

       144
        
       	}

     

       145
        
       	defer func() {

     

       146
        
       		if rollbackErr := tx.Rollback(); rollbackErr != nil && rollbackErr != sql.ErrTxDone {

     
···

       148
        
       		}

     

       149
        
       	}()

     

       150
        
       

     

       151
       +
       	// 1. Check for existing active vote with different URI (stale record)

     

       152
       +
       	// This handles cases where:

     

       153
       +
       	// - User voted on another client and we missed the delete event

     

       154
       +
       	// - Vote was reindexed but user created a new vote with different rkey

     

       155
       +
       	// - Any other state mismatch between PDS and AppView

     

       156
       +
       	var existingDirection sql.NullString

     

       157
       +
       	checkQuery := `

     

       158
       +
       		SELECT direction FROM votes

     

       159
       +
       		WHERE voter_did = $1

     

       160
       +
       		  AND subject_uri = $2

     

       161
       +
       		  AND deleted_at IS NULL

     

       162
       +
       		  AND uri != $3

     

       163
       +
       		LIMIT 1

     

       164
       +
       	`

     

       165
       +
       	if err := tx.QueryRowContext(ctx, checkQuery, vote.VoterDID, vote.SubjectURI, vote.URI).Scan(&existingDirection); err != nil && err != sql.ErrNoRows {

     

       166
       +
       		return false, fmt.Errorf("failed to check existing vote: %w", err)

     

       167
       +
       	}

     

       168
       +
       

     

       169
       +
       	// If there's a stale vote, soft-delete it and adjust counts

     

       170
       +
       	if existingDirection.Valid {

     

       171
       +
       		softDeleteQuery := `

     

       172
       +
       			UPDATE votes

     

       173
       +
       			SET deleted_at = NOW()

     

       174
       +
       			WHERE voter_did = $1

     

       175
       +
       			  AND subject_uri = $2

     

       176
       +
       			  AND deleted_at IS NULL

     

       177
       +
       			  AND uri != $3

     

       178
       +
       		`

     

       179
       +
       		if _, err := tx.ExecContext(ctx, softDeleteQuery, vote.VoterDID, vote.SubjectURI, vote.URI); err != nil {

     

       180
       +
       			return false, fmt.Errorf("failed to soft-delete existing votes: %w", err)

     

       181
       +
       		}

     

       182
       +
       

     

       183
       +
       		// Decrement the old vote's count (will be re-incremented below if same direction)

     

       184
       +
       		collection := utils.ExtractCollectionFromURI(vote.SubjectURI)

     

       185
       +
       		var decrementQuery string

     

       186
       +
       		if existingDirection.String == "up" {

     

       187
       +
       			if collection == "social.coves.community.post" {

     

       188
       +
       				decrementQuery = `UPDATE posts SET upvote_count = GREATEST(0, upvote_count - 1), score = upvote_count - 1 - downvote_count WHERE uri = $1 AND deleted_at IS NULL`

     

       189
       +
       			} else if collection == "social.coves.community.comment" {

     

       190
       +
       				decrementQuery = `UPDATE comments SET upvote_count = GREATEST(0, upvote_count - 1), score = upvote_count - 1 - downvote_count WHERE uri = $1 AND deleted_at IS NULL`

     

       191
       +
       			}

     

       192
       +
       		} else {

     

       193
       +
       			if collection == "social.coves.community.post" {

     

       194
       +
       				decrementQuery = `UPDATE posts SET downvote_count = GREATEST(0, downvote_count - 1), score = upvote_count - (downvote_count - 1) WHERE uri = $1 AND deleted_at IS NULL`

     

       195
       +
       			} else if collection == "social.coves.community.comment" {

     

       196
       +
       				decrementQuery = `UPDATE comments SET downvote_count = GREATEST(0, downvote_count - 1), score = upvote_count - (downvote_count - 1) WHERE uri = $1 AND deleted_at IS NULL`

     

       197
       +
       			}

     

       198
       +
       		}

     

       199
       +
       		if decrementQuery != "" {

     

       200
       +
       			if _, err := tx.ExecContext(ctx, decrementQuery, vote.SubjectURI); err != nil {

     

       201
       +
       				return false, fmt.Errorf("failed to decrement old vote count: %w", err)

     

       202
       +
       			}

     

       203
       +
       		}

     

       204
       +
       		log.Printf("Cleaned up stale vote for %s on %s (was %s)", vote.VoterDID, vote.SubjectURI, existingDirection.String)

     

       205
       +
       	}

     

       206
       +
       

     

       207
       +
       	// 2. Index the vote (idempotent with ON CONFLICT DO NOTHING)

     

       208
        
       	query := `

     

       209
        
       		INSERT INTO votes (

     

       210
        
       			uri, cid, rkey, voter_did,

     
···

       229
        
       

     

       230
        
       	// If no rows returned, vote already exists (idempotent - OK for Jetstream replays)

     

       231
        
       	if err == sql.ErrNoRows {

     

       232
       +
       		// Silently handle idempotent case - no log needed for replayed events

     

       233
        
       		if commitErr := tx.Commit(); commitErr != nil {

     

       234
       +
       			return false, fmt.Errorf("failed to commit transaction: %w", commitErr)

     

       235
        
       		}

     

       236
       +
       		return false, nil // Vote already existed

     

       237
        
       	}

     

       238
        
       

     

       239
        
       	if err != nil {

     

       240
       +
       		return false, fmt.Errorf("failed to insert vote: %w", err)

     

       241
        
       	}

     

       242
        
       

     

       243
       +
       	// 3. Update vote counts on the subject (post or comment)

     

       244
        
       	// Parse collection from subject URI to determine target table

     

       245
        
       	collection := utils.ExtractCollectionFromURI(vote.SubjectURI)

     

       246
        
       

     
···

       287
        
       		// Vote is still indexed in votes table, we just don't update denormalized counts

     

       288
        
       		log.Printf("Vote subject has unsupported collection: %s (vote indexed, counts not updated)", collection)

     

       289
        
       		if commitErr := tx.Commit(); commitErr != nil {

     

       290
       +
       			return false, fmt.Errorf("failed to commit transaction: %w", commitErr)

     

       291
        
       		}

     

       292
       +
       		return true, nil // Vote was newly indexed

     

       293
        
       	}

     

       294
        
       

     

       295
        
       	result, err := tx.ExecContext(ctx, updateQuery, vote.SubjectURI)

     

       296
        
       	if err != nil {

     

       297
       +
       		return false, fmt.Errorf("failed to update vote counts: %w", err)

     

       298
        
       	}

     

       299
        
       

     

       300
        
       	rowsAffected, err := result.RowsAffected()

     

       301
        
       	if err != nil {

     

       302
       +
       		return false, fmt.Errorf("failed to check update result: %w", err)

     

       303
        
       	}

     

       304
        
       

     

       305
        
       	// If subject doesn't exist or is deleted, that's OK (vote still indexed)

     
···

       309
        
       

     

       310
        
       	// Commit transaction

     

       311
        
       	if err := tx.Commit(); err != nil {

     

       312
       +
       		return false, fmt.Errorf("failed to commit transaction: %w", err)

     

       313
        
       	}

     

       314
        
       

     

       315
       +
       	return true, nil // Vote was newly indexed

     

       316
        
       }

     

       317
        
       

     

       318
        
       // deleteVoteAndUpdateCounts atomically soft-deletes a vote and updates post vote counts

+109

internal/atproto/lexicon/social/coves/community/comment/create.json

···

       1
       +
       {

     

       2
       +
         "lexicon": 1,

     

       3
       +
         "id": "social.coves.community.comment.create",

     

       4
       +
         "defs": {

     

       5
       +
           "main": {

     

       6
       +
             "type": "procedure",

     

       7
       +
             "description": "Create a comment on a post or another comment. Comments support nested threading, rich text, embeds, and self-labeling.",

     

       8
       +
             "input": {

     

       9
       +
               "encoding": "application/json",

     

       10
       +
               "schema": {

     

       11
       +
                 "type": "object",

     

       12
       +
                 "required": ["reply", "content"],

     

       13
       +
                 "properties": {

     

       14
       +
                   "reply": {

     

       15
       +
                     "type": "object",

     

       16
       +
                     "description": "References for maintaining thread structure. Root always points to the original post, parent points to the immediate parent (post or comment).",

     

       17
       +
                     "required": ["root", "parent"],

     

       18
       +
                     "properties": {

     

       19
       +
                       "root": {

     

       20
       +
                         "type": "ref",

     

       21
       +
                         "ref": "com.atproto.repo.strongRef",

     

       22
       +
                         "description": "Strong reference to the original post that started the thread"

     

       23
       +
                       },

     

       24
       +
                       "parent": {

     

       25
       +
                         "type": "ref",

     

       26
       +
                         "ref": "com.atproto.repo.strongRef",

     

       27
       +
                         "description": "Strong reference to the immediate parent (post or comment) being replied to"

     

       28
       +
                       }

     

       29
       +
                     }

     

       30
       +
                   },

     

       31
       +
                   "content": {

     

       32
       +
                     "type": "string",

     

       33
       +
                     "maxGraphemes": 10000,

     

       34
       +
                     "maxLength": 100000,

     

       35
       +
                     "description": "Comment text content"

     

       36
       +
                   },

     

       37
       +
                   "facets": {

     

       38
       +
                     "type": "array",

     

       39
       +
                     "description": "Annotations for rich text (mentions, links, etc.)",

     

       40
       +
                     "items": {

     

       41
       +
                       "type": "ref",

     

       42
       +
                       "ref": "social.coves.richtext.facet"

     

       43
       +
                     }

     

       44
       +
                   },

     

       45
       +
                   "embed": {

     

       46
       +
                     "type": "union",

     

       47
       +
                     "description": "Embedded media or quoted posts",

     

       48
       +
                     "refs": [

     

       49
       +
                       "social.coves.embed.images",

     

       50
       +
                       "social.coves.embed.post"

     

       51
       +
                     ]

     

       52
       +
                   },

     

       53
       +
                   "langs": {

     

       54
       +
                     "type": "array",

     

       55
       +
                     "description": "Languages used in the comment content (ISO 639-1)",

     

       56
       +
                     "maxLength": 3,

     

       57
       +
                     "items": {

     

       58
       +
                       "type": "string",

     

       59
       +
                       "format": "language"

     

       60
       +
                     }

     

       61
       +
                   },

     

       62
       +
                   "labels": {

     

       63
       +
                     "type": "ref",

     

       64
       +
                     "ref": "com.atproto.label.defs#selfLabels",

     

       65
       +
                     "description": "Self-applied content labels"

     

       66
       +
                   }

     

       67
       +
                 }

     

       68
       +
               }

     

       69
       +
             },

     

       70
       +
             "output": {

     

       71
       +
               "encoding": "application/json",

     

       72
       +
               "schema": {

     

       73
       +
                 "type": "object",

     

       74
       +
                 "required": ["uri", "cid"],

     

       75
       +
                 "properties": {

     

       76
       +
                   "uri": {

     

       77
       +
                     "type": "string",

     

       78
       +
                     "format": "at-uri",

     

       79
       +
                     "description": "AT-URI of the created comment"

     

       80
       +
                   },

     

       81
       +
                   "cid": {

     

       82
       +
                     "type": "string",

     

       83
       +
                     "format": "cid",

     

       84
       +
                     "description": "CID of the created comment record"

     

       85
       +
                   }

     

       86
       +
                 }

     

       87
       +
               }

     

       88
       +
             },

     

       89
       +
             "errors": [

     

       90
       +
               {

     

       91
       +
                 "name": "InvalidReply",

     

       92
       +
                 "description": "The reply reference is invalid, malformed, or refers to non-existent content"

     

       93
       +
               },

     

       94
       +
               {

     

       95
       +
                 "name": "ContentTooLong",

     

       96
       +
                 "description": "Comment content exceeds maximum length constraints"

     

       97
       +
               },

     

       98
       +
               {

     

       99
       +
                 "name": "ContentEmpty",

     

       100
       +
                 "description": "Comment content is empty or contains only whitespace"

     

       101
       +
               },

     

       102
       +
               {

     

       103
       +
                 "name": "NotAuthorized",

     

       104
       +
                 "description": "User is not authorized to create comments on this content"

     

       105
       +
               }

     

       106
       +
             ]

     

       107
       +
           }

     

       108
       +
         }

     

       109
       +
       }

+41

internal/atproto/lexicon/social/coves/community/comment/delete.json

···

       1
       +
       {

     

       2
       +
         "lexicon": 1,

     

       3
       +
         "id": "social.coves.community.comment.delete",

     

       4
       +
         "defs": {

     

       5
       +
           "main": {

     

       6
       +
             "type": "procedure",

     

       7
       +
             "description": "Delete a comment. Only the comment author can delete their own comments.",

     

       8
       +
             "input": {

     

       9
       +
               "encoding": "application/json",

     

       10
       +
               "schema": {

     

       11
       +
                 "type": "object",

     

       12
       +
                 "required": ["uri"],

     

       13
       +
                 "properties": {

     

       14
       +
                   "uri": {

     

       15
       +
                     "type": "string",

     

       16
       +
                     "format": "at-uri",

     

       17
       +
                     "description": "AT-URI of the comment to delete"

     

       18
       +
                   }

     

       19
       +
                 }

     

       20
       +
               }

     

       21
       +
             },

     

       22
       +
             "output": {

     

       23
       +
               "encoding": "application/json",

     

       24
       +
               "schema": {

     

       25
       +
                 "type": "object",

     

       26
       +
                 "properties": {}

     

       27
       +
               }

     

       28
       +
             },

     

       29
       +
             "errors": [

     

       30
       +
               {

     

       31
       +
                 "name": "CommentNotFound",

     

       32
       +
                 "description": "Comment with the specified URI does not exist"

     

       33
       +
               },

     

       34
       +
               {

     

       35
       +
                 "name": "NotAuthorized",

     

       36
       +
                 "description": "User is not authorized to delete this comment (not the author)"

     

       37
       +
               }

     

       38
       +
             ]

     

       39
       +
           }

     

       40
       +
         }

     

       41
       +
       }

+97

internal/atproto/lexicon/social/coves/community/comment/update.json

···

       1
       +
       {

     

       2
       +
         "lexicon": 1,

     

       3
       +
         "id": "social.coves.community.comment.update",

     

       4
       +
         "defs": {

     

       5
       +
           "main": {

     

       6
       +
             "type": "procedure",

     

       7
       +
             "description": "Update an existing comment's content, facets, embed, languages, or labels. Threading references (reply.root and reply.parent) are immutable and cannot be changed.",

     

       8
       +
             "input": {

     

       9
       +
               "encoding": "application/json",

     

       10
       +
               "schema": {

     

       11
       +
                 "type": "object",

     

       12
       +
                 "required": ["uri", "content"],

     

       13
       +
                 "properties": {

     

       14
       +
                   "uri": {

     

       15
       +
                     "type": "string",

     

       16
       +
                     "format": "at-uri",

     

       17
       +
                     "description": "AT-URI of the comment to update"

     

       18
       +
                   },

     

       19
       +
                   "content": {

     

       20
       +
                     "type": "string",

     

       21
       +
                     "maxGraphemes": 10000,

     

       22
       +
                     "maxLength": 100000,

     

       23
       +
                     "description": "Updated comment text content"

     

       24
       +
                   },

     

       25
       +
                   "facets": {

     

       26
       +
                     "type": "array",

     

       27
       +
                     "description": "Updated annotations for rich text (mentions, links, etc.)",

     

       28
       +
                     "items": {

     

       29
       +
                       "type": "ref",

     

       30
       +
                       "ref": "social.coves.richtext.facet"

     

       31
       +
                     }

     

       32
       +
                   },

     

       33
       +
                   "embed": {

     

       34
       +
                     "type": "union",

     

       35
       +
                     "description": "Updated embedded media or quoted posts",

     

       36
       +
                     "refs": [

     

       37
       +
                       "social.coves.embed.images",

     

       38
       +
                       "social.coves.embed.post"

     

       39
       +
                     ]

     

       40
       +
                   },

     

       41
       +
                   "langs": {

     

       42
       +
                     "type": "array",

     

       43
       +
                     "description": "Updated languages used in the comment content (ISO 639-1)",

     

       44
       +
                     "maxLength": 3,

     

       45
       +
                     "items": {

     

       46
       +
                       "type": "string",

     

       47
       +
                       "format": "language"

     

       48
       +
                     }

     

       49
       +
                   },

     

       50
       +
                   "labels": {

     

       51
       +
                     "type": "ref",

     

       52
       +
                     "ref": "com.atproto.label.defs#selfLabels",

     

       53
       +
                     "description": "Updated self-applied content labels"

     

       54
       +
                   }

     

       55
       +
                 }

     

       56
       +
               }

     

       57
       +
             },

     

       58
       +
             "output": {

     

       59
       +
               "encoding": "application/json",

     

       60
       +
               "schema": {

     

       61
       +
                 "type": "object",

     

       62
       +
                 "required": ["uri", "cid"],

     

       63
       +
                 "properties": {

     

       64
       +
                   "uri": {

     

       65
       +
                     "type": "string",

     

       66
       +
                     "format": "at-uri",

     

       67
       +
                     "description": "AT-URI of the updated comment (unchanged from input)"

     

       68
       +
                   },

     

       69
       +
                   "cid": {

     

       70
       +
                     "type": "string",

     

       71
       +
                     "format": "cid",

     

       72
       +
                     "description": "New CID of the updated comment record"

     

       73
       +
                   }

     

       74
       +
                 }

     

       75
       +
               }

     

       76
       +
             },

     

       77
       +
             "errors": [

     

       78
       +
               {

     

       79
       +
                 "name": "CommentNotFound",

     

       80
       +
                 "description": "Comment with the specified URI does not exist"

     

       81
       +
               },

     

       82
       +
               {

     

       83
       +
                 "name": "ContentTooLong",

     

       84
       +
                 "description": "Updated comment content exceeds maximum length constraints"

     

       85
       +
               },

     

       86
       +
               {

     

       87
       +
                 "name": "ContentEmpty",

     

       88
       +
                 "description": "Updated comment content is empty or contains only whitespace"

     

       89
       +
               },

     

       90
       +
               {

     

       91
       +
                 "name": "NotAuthorized",

     

       92
       +
                 "description": "User is not authorized to update this comment (not the author)"

     

       93
       +
               }

     

       94
       +
             ]

     

       95
       +
           }

     

       96
       +
         }

     

       97
       +
       }

+38

internal/core/comments/types.go

···

       1
       +
       package comments

     

       2
       +
       

     

       3
       +
       // CreateCommentRequest contains parameters for creating a comment

     

       4
       +
       type CreateCommentRequest struct {

     

       5
       +
       	Reply   ReplyRef      `json:"reply"`

     

       6
       +
       	Content string        `json:"content"`

     

       7
       +
       	Facets  []interface{} `json:"facets,omitempty"`

     

       8
       +
       	Embed   interface{}   `json:"embed,omitempty"`

     

       9
       +
       	Langs   []string      `json:"langs,omitempty"`

     

       10
       +
       	Labels  *SelfLabels   `json:"labels,omitempty"`

     

       11
       +
       }

     

       12
       +
       

     

       13
       +
       // CreateCommentResponse contains the result of creating a comment

     

       14
       +
       type CreateCommentResponse struct {

     

       15
       +
       	URI string `json:"uri"`

     

       16
       +
       	CID string `json:"cid"`

     

       17
       +
       }

     

       18
       +
       

     

       19
       +
       // UpdateCommentRequest contains parameters for updating a comment

     

       20
       +
       type UpdateCommentRequest struct {

     

       21
       +
       	URI     string        `json:"uri"`

     

       22
       +
       	Content string        `json:"content"`

     

       23
       +
       	Facets  []interface{} `json:"facets,omitempty"`

     

       24
       +
       	Embed   interface{}   `json:"embed,omitempty"`

     

       25
       +
       	Langs   []string      `json:"langs,omitempty"`

     

       26
       +
       	Labels  *SelfLabels   `json:"labels,omitempty"`

     

       27
       +
       }

     

       28
       +
       

     

       29
       +
       // UpdateCommentResponse contains the result of updating a comment

     

       30
       +
       type UpdateCommentResponse struct {

     

       31
       +
       	URI string `json:"uri"`

     

       32
       +
       	CID string `json:"cid"`

     

       33
       +
       }

     

       34
       +
       

     

       35
       +
       // DeleteCommentRequest contains parameters for deleting a comment

     

       36
       +
       type DeleteCommentRequest struct {

     

       37
       +
       	URI string `json:"uri"`

     

       38
       +
       }

+130

internal/api/handlers/comments/create_comment.go

···

       1
       +
       package comments

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/middleware"

     

       5
       +
       	"Coves/internal/core/comments"

     

       6
       +
       	"encoding/json"

     

       7
       +
       	"log"

     

       8
       +
       	"net/http"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // CreateCommentHandler handles comment creation requests

     

       12
       +
       type CreateCommentHandler struct {

     

       13
       +
       	service comments.Service

     

       14
       +
       }

     

       15
       +
       

     

       16
       +
       // NewCreateCommentHandler creates a new handler for creating comments

     

       17
       +
       func NewCreateCommentHandler(service comments.Service) *CreateCommentHandler {

     

       18
       +
       	return &CreateCommentHandler{

     

       19
       +
       		service: service,

     

       20
       +
       	}

     

       21
       +
       }

     

       22
       +
       

     

       23
       +
       // CreateCommentInput matches the lexicon input schema for social.coves.community.comment.create

     

       24
       +
       type CreateCommentInput struct {

     

       25
       +
       	Reply struct {

     

       26
       +
       		Root struct {

     

       27
       +
       			URI string `json:"uri"`

     

       28
       +
       			CID string `json:"cid"`

     

       29
       +
       		} `json:"root"`

     

       30
       +
       		Parent struct {

     

       31
       +
       			URI string `json:"uri"`

     

       32
       +
       			CID string `json:"cid"`

     

       33
       +
       		} `json:"parent"`

     

       34
       +
       	} `json:"reply"`

     

       35
       +
       	Content string        `json:"content"`

     

       36
       +
       	Facets  []interface{} `json:"facets,omitempty"`

     

       37
       +
       	Embed   interface{}   `json:"embed,omitempty"`

     

       38
       +
       	Langs   []string      `json:"langs,omitempty"`

     

       39
       +
       	Labels  interface{}   `json:"labels,omitempty"`

     

       40
       +
       }

     

       41
       +
       

     

       42
       +
       // CreateCommentOutput matches the lexicon output schema

     

       43
       +
       type CreateCommentOutput struct {

     

       44
       +
       	URI string `json:"uri"`

     

       45
       +
       	CID string `json:"cid"`

     

       46
       +
       }

     

       47
       +
       

     

       48
       +
       // HandleCreate handles comment creation requests

     

       49
       +
       // POST /xrpc/social.coves.community.comment.create

     

       50
       +
       //

     

       51
       +
       // Request body: { "reply": { "root": {...}, "parent": {...} }, "content": "..." }

     

       52
       +
       // Response: { "uri": "at://...", "cid": "..." }

     

       53
       +
       func (h *CreateCommentHandler) HandleCreate(w http.ResponseWriter, r *http.Request) {

     

       54
       +
       	// 1. Check method is POST

     

       55
       +
       	if r.Method != http.MethodPost {

     

       56
       +
       		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)

     

       57
       +
       		return

     

       58
       +
       	}

     

       59
       +
       

     

       60
       +
       	// 2. Limit request body size to prevent DoS attacks (100KB should be plenty for comments)

     

       61
       +
       	r.Body = http.MaxBytesReader(w, r.Body, 100*1024)

     

       62
       +
       

     

       63
       +
       	// 3. Parse JSON body into CreateCommentInput

     

       64
       +
       	var input CreateCommentInput

     

       65
       +
       	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {

     

       66
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Invalid request body")

     

       67
       +
       		return

     

       68
       +
       	}

     

       69
       +
       

     

       70
       +
       	// 4. Get OAuth session from context (injected by auth middleware)

     

       71
       +
       	session := middleware.GetOAuthSession(r)

     

       72
       +
       	if session == nil {

     

       73
       +
       		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")

     

       74
       +
       		return

     

       75
       +
       	}

     

       76
       +
       

     

       77
       +
       	// 5. Convert labels interface{} to *comments.SelfLabels if provided

     

       78
       +
       	var labels *comments.SelfLabels

     

       79
       +
       	if input.Labels != nil {

     

       80
       +
       		labelsJSON, err := json.Marshal(input.Labels)

     

       81
       +
       		if err != nil {

     

       82
       +
       			writeError(w, http.StatusBadRequest, "InvalidLabels", "Invalid labels format")

     

       83
       +
       			return

     

       84
       +
       		}

     

       85
       +
       		var selfLabels comments.SelfLabels

     

       86
       +
       		if err := json.Unmarshal(labelsJSON, &selfLabels); err != nil {

     

       87
       +
       			writeError(w, http.StatusBadRequest, "InvalidLabels", "Invalid labels structure")

     

       88
       +
       			return

     

       89
       +
       		}

     

       90
       +
       		labels = &selfLabels

     

       91
       +
       	}

     

       92
       +
       

     

       93
       +
       	// 6. Convert input to CreateCommentRequest

     

       94
       +
       	req := comments.CreateCommentRequest{

     

       95
       +
       		Reply: comments.ReplyRef{

     

       96
       +
       			Root: comments.StrongRef{

     

       97
       +
       				URI: input.Reply.Root.URI,

     

       98
       +
       				CID: input.Reply.Root.CID,

     

       99
       +
       			},

     

       100
       +
       			Parent: comments.StrongRef{

     

       101
       +
       				URI: input.Reply.Parent.URI,

     

       102
       +
       				CID: input.Reply.Parent.CID,

     

       103
       +
       			},

     

       104
       +
       		},

     

       105
       +
       		Content: input.Content,

     

       106
       +
       		Facets:  input.Facets,

     

       107
       +
       		Embed:   input.Embed,

     

       108
       +
       		Langs:   input.Langs,

     

       109
       +
       		Labels:  labels,

     

       110
       +
       	}

     

       111
       +
       

     

       112
       +
       	// 7. Call service to create comment

     

       113
       +
       	response, err := h.service.CreateComment(r.Context(), session, req)

     

       114
       +
       	if err != nil {

     

       115
       +
       		handleServiceError(w, err)

     

       116
       +
       		return

     

       117
       +
       	}

     

       118
       +
       

     

       119
       +
       	// 8. Return JSON response with URI and CID

     

       120
       +
       	output := CreateCommentOutput{

     

       121
       +
       		URI: response.URI,

     

       122
       +
       		CID: response.CID,

     

       123
       +
       	}

     

       124
       +
       

     

       125
       +
       	w.Header().Set("Content-Type", "application/json")

     

       126
       +
       	w.WriteHeader(http.StatusOK)

     

       127
       +
       	if err := json.NewEncoder(w).Encode(output); err != nil {

     

       128
       +
       		log.Printf("Failed to encode response: %v", err)

     

       129
       +
       	}

     

       130
       +
       }

+80

internal/api/handlers/comments/delete_comment.go

···

       1
       +
       package comments

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/middleware"

     

       5
       +
       	"Coves/internal/core/comments"

     

       6
       +
       	"encoding/json"

     

       7
       +
       	"log"

     

       8
       +
       	"net/http"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // DeleteCommentHandler handles comment deletion requests

     

       12
       +
       type DeleteCommentHandler struct {

     

       13
       +
       	service comments.Service

     

       14
       +
       }

     

       15
       +
       

     

       16
       +
       // NewDeleteCommentHandler creates a new handler for deleting comments

     

       17
       +
       func NewDeleteCommentHandler(service comments.Service) *DeleteCommentHandler {

     

       18
       +
       	return &DeleteCommentHandler{

     

       19
       +
       		service: service,

     

       20
       +
       	}

     

       21
       +
       }

     

       22
       +
       

     

       23
       +
       // DeleteCommentInput matches the lexicon input schema for social.coves.community.comment.delete

     

       24
       +
       type DeleteCommentInput struct {

     

       25
       +
       	URI string `json:"uri"`

     

       26
       +
       }

     

       27
       +
       

     

       28
       +
       // DeleteCommentOutput is empty per lexicon specification

     

       29
       +
       type DeleteCommentOutput struct{}

     

       30
       +
       

     

       31
       +
       // HandleDelete handles comment deletion requests

     

       32
       +
       // POST /xrpc/social.coves.community.comment.delete

     

       33
       +
       //

     

       34
       +
       // Request body: { "uri": "at://..." }

     

       35
       +
       // Response: {}

     

       36
       +
       func (h *DeleteCommentHandler) HandleDelete(w http.ResponseWriter, r *http.Request) {

     

       37
       +
       	// 1. Check method is POST

     

       38
       +
       	if r.Method != http.MethodPost {

     

       39
       +
       		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)

     

       40
       +
       		return

     

       41
       +
       	}

     

       42
       +
       

     

       43
       +
       	// 2. Limit request body size to prevent DoS attacks (100KB should be plenty for comments)

     

       44
       +
       	r.Body = http.MaxBytesReader(w, r.Body, 100*1024)

     

       45
       +
       

     

       46
       +
       	// 3. Parse JSON body into DeleteCommentInput

     

       47
       +
       	var input DeleteCommentInput

     

       48
       +
       	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {

     

       49
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Invalid request body")

     

       50
       +
       		return

     

       51
       +
       	}

     

       52
       +
       

     

       53
       +
       	// 4. Get OAuth session from context (injected by auth middleware)

     

       54
       +
       	session := middleware.GetOAuthSession(r)

     

       55
       +
       	if session == nil {

     

       56
       +
       		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")

     

       57
       +
       		return

     

       58
       +
       	}

     

       59
       +
       

     

       60
       +
       	// 5. Convert input to DeleteCommentRequest

     

       61
       +
       	req := comments.DeleteCommentRequest{

     

       62
       +
       		URI: input.URI,

     

       63
       +
       	}

     

       64
       +
       

     

       65
       +
       	// 6. Call service to delete comment

     

       66
       +
       	err := h.service.DeleteComment(r.Context(), session, req)

     

       67
       +
       	if err != nil {

     

       68
       +
       		handleServiceError(w, err)

     

       69
       +
       		return

     

       70
       +
       	}

     

       71
       +
       

     

       72
       +
       	// 7. Return empty JSON object per lexicon specification

     

       73
       +
       	output := DeleteCommentOutput{}

     

       74
       +
       

     

       75
       +
       	w.Header().Set("Content-Type", "application/json")

     

       76
       +
       	w.WriteHeader(http.StatusOK)

     

       77
       +
       	if err := json.NewEncoder(w).Encode(output); err != nil {

     

       78
       +
       		log.Printf("Failed to encode response: %v", err)

     

       79
       +
       	}

     

       80
       +
       }

+34 -2

internal/api/handlers/comments/errors.go

···

       3
        
       import (

     

       4
        
       	"Coves/internal/core/comments"

     

       5
        
       	"encoding/json"

     

       0
        
       
     

       6
        
       	"log"

     

       7
        
       	"net/http"

     

       8
        
       )

     
···

       30
        
       func handleServiceError(w http.ResponseWriter, err error) {

     

       31
        
       	switch {

     

       32
        
       	case comments.IsNotFound(err):

     

       33
       -
       		writeError(w, http.StatusNotFound, "NotFound", err.Error())

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       34
        
       

     

       35
        
       	case comments.IsValidationError(err):

     

       36
       -
       		writeError(w, http.StatusBadRequest, "InvalidRequest", err.Error())

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       37
        
       

     

       38
        
       	default:

     

       39
        
       		// Don't leak internal error details to clients

···

       3
        
       import (

     

       4
        
       	"Coves/internal/core/comments"

     

       5
        
       	"encoding/json"

     

       6
       +
       	"errors"

     

       7
        
       	"log"

     

       8
        
       	"net/http"

     

       9
        
       )

     
···

       31
        
       func handleServiceError(w http.ResponseWriter, err error) {

     

       32
        
       	switch {

     

       33
        
       	case comments.IsNotFound(err):

     

       34
       +
       		// Map specific not found errors to appropriate messages

     

       35
       +
       		switch {

     

       36
       +
       		case errors.Is(err, comments.ErrCommentNotFound):

     

       37
       +
       			writeError(w, http.StatusNotFound, "CommentNotFound", "Comment not found")

     

       38
       +
       		case errors.Is(err, comments.ErrParentNotFound):

     

       39
       +
       			writeError(w, http.StatusNotFound, "ParentNotFound", "Parent post or comment not found")

     

       40
       +
       		case errors.Is(err, comments.ErrRootNotFound):

     

       41
       +
       			writeError(w, http.StatusNotFound, "RootNotFound", "Root post not found")

     

       42
       +
       		default:

     

       43
       +
       			writeError(w, http.StatusNotFound, "NotFound", err.Error())

     

       44
       +
       		}

     

       45
        
       

     

       46
        
       	case comments.IsValidationError(err):

     

       47
       +
       		// Map specific validation errors to appropriate messages

     

       48
       +
       		switch {

     

       49
       +
       		case errors.Is(err, comments.ErrInvalidReply):

     

       50
       +
       			writeError(w, http.StatusBadRequest, "InvalidReply", "The reply reference is invalid or malformed")

     

       51
       +
       		case errors.Is(err, comments.ErrContentTooLong):

     

       52
       +
       			writeError(w, http.StatusBadRequest, "ContentTooLong", "Comment content exceeds 10000 graphemes")

     

       53
       +
       		case errors.Is(err, comments.ErrContentEmpty):

     

       54
       +
       			writeError(w, http.StatusBadRequest, "ContentEmpty", "Comment content is required")

     

       55
       +
       		default:

     

       56
       +
       			writeError(w, http.StatusBadRequest, "InvalidRequest", err.Error())

     

       57
       +
       		}

     

       58
       +
       

     

       59
       +
       	case errors.Is(err, comments.ErrNotAuthorized):

     

       60
       +
       		writeError(w, http.StatusForbidden, "NotAuthorized", "User is not authorized to perform this action")

     

       61
       +
       

     

       62
       +
       	case errors.Is(err, comments.ErrBanned):

     

       63
       +
       		writeError(w, http.StatusForbidden, "Banned", "User is banned from this community")

     

       64
       +
       

     

       65
       +
       	// NOTE: IsConflict case removed - the PDS handles duplicate detection via CreateRecord,

     

       66
       +
       	// so ErrCommentAlreadyExists is never returned from the service layer. If the PDS rejects

     

       67
       +
       	// a duplicate record, it returns an auth/validation error which is handled by other cases.

     

       68
       +
       	// Keeping this code would be dead code that never executes.

     

       69
        
       

     

       70
        
       	default:

     

       71
        
       		// Don't leak internal error details to clients

+112

internal/api/handlers/comments/update_comment.go

···

       1
       +
       package comments

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/middleware"

     

       5
       +
       	"Coves/internal/core/comments"

     

       6
       +
       	"encoding/json"

     

       7
       +
       	"log"

     

       8
       +
       	"net/http"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // UpdateCommentHandler handles comment update requests

     

       12
       +
       type UpdateCommentHandler struct {

     

       13
       +
       	service comments.Service

     

       14
       +
       }

     

       15
       +
       

     

       16
       +
       // NewUpdateCommentHandler creates a new handler for updating comments

     

       17
       +
       func NewUpdateCommentHandler(service comments.Service) *UpdateCommentHandler {

     

       18
       +
       	return &UpdateCommentHandler{

     

       19
       +
       		service: service,

     

       20
       +
       	}

     

       21
       +
       }

     

       22
       +
       

     

       23
       +
       // UpdateCommentInput matches the lexicon input schema for social.coves.community.comment.update

     

       24
       +
       type UpdateCommentInput struct {

     

       25
       +
       	URI     string        `json:"uri"`

     

       26
       +
       	Content string        `json:"content"`

     

       27
       +
       	Facets  []interface{} `json:"facets,omitempty"`

     

       28
       +
       	Embed   interface{}   `json:"embed,omitempty"`

     

       29
       +
       	Langs   []string      `json:"langs,omitempty"`

     

       30
       +
       	Labels  interface{}   `json:"labels,omitempty"`

     

       31
       +
       }

     

       32
       +
       

     

       33
       +
       // UpdateCommentOutput matches the lexicon output schema

     

       34
       +
       type UpdateCommentOutput struct {

     

       35
       +
       	URI string `json:"uri"`

     

       36
       +
       	CID string `json:"cid"`

     

       37
       +
       }

     

       38
       +
       

     

       39
       +
       // HandleUpdate handles comment update requests

     

       40
       +
       // POST /xrpc/social.coves.community.comment.update

     

       41
       +
       //

     

       42
       +
       // Request body: { "uri": "at://...", "content": "..." }

     

       43
       +
       // Response: { "uri": "at://...", "cid": "..." }

     

       44
       +
       func (h *UpdateCommentHandler) HandleUpdate(w http.ResponseWriter, r *http.Request) {

     

       45
       +
       	// 1. Check method is POST

     

       46
       +
       	if r.Method != http.MethodPost {

     

       47
       +
       		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)

     

       48
       +
       		return

     

       49
       +
       	}

     

       50
       +
       

     

       51
       +
       	// 2. Limit request body size to prevent DoS attacks (100KB should be plenty for comments)

     

       52
       +
       	r.Body = http.MaxBytesReader(w, r.Body, 100*1024)

     

       53
       +
       

     

       54
       +
       	// 3. Parse JSON body into UpdateCommentInput

     

       55
       +
       	var input UpdateCommentInput

     

       56
       +
       	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {

     

       57
       +
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Invalid request body")

     

       58
       +
       		return

     

       59
       +
       	}

     

       60
       +
       

     

       61
       +
       	// 4. Get OAuth session from context (injected by auth middleware)

     

       62
       +
       	session := middleware.GetOAuthSession(r)

     

       63
       +
       	if session == nil {

     

       64
       +
       		writeError(w, http.StatusUnauthorized, "AuthRequired", "Authentication required")

     

       65
       +
       		return

     

       66
       +
       	}

     

       67
       +
       

     

       68
       +
       	// 5. Convert labels interface{} to *comments.SelfLabels if provided

     

       69
       +
       	var labels *comments.SelfLabels

     

       70
       +
       	if input.Labels != nil {

     

       71
       +
       		labelsJSON, err := json.Marshal(input.Labels)

     

       72
       +
       		if err != nil {

     

       73
       +
       			writeError(w, http.StatusBadRequest, "InvalidLabels", "Invalid labels format")

     

       74
       +
       			return

     

       75
       +
       		}

     

       76
       +
       		var selfLabels comments.SelfLabels

     

       77
       +
       		if err := json.Unmarshal(labelsJSON, &selfLabels); err != nil {

     

       78
       +
       			writeError(w, http.StatusBadRequest, "InvalidLabels", "Invalid labels structure")

     

       79
       +
       			return

     

       80
       +
       		}

     

       81
       +
       		labels = &selfLabels

     

       82
       +
       	}

     

       83
       +
       

     

       84
       +
       	// 6. Convert input to UpdateCommentRequest

     

       85
       +
       	req := comments.UpdateCommentRequest{

     

       86
       +
       		URI:     input.URI,

     

       87
       +
       		Content: input.Content,

     

       88
       +
       		Facets:  input.Facets,

     

       89
       +
       		Embed:   input.Embed,

     

       90
       +
       		Langs:   input.Langs,

     

       91
       +
       		Labels:  labels,

     

       92
       +
       	}

     

       93
       +
       

     

       94
       +
       	// 7. Call service to update comment

     

       95
       +
       	response, err := h.service.UpdateComment(r.Context(), session, req)

     

       96
       +
       	if err != nil {

     

       97
       +
       		handleServiceError(w, err)

     

       98
       +
       		return

     

       99
       +
       	}

     

       100
       +
       

     

       101
       +
       	// 8. Return JSON response with URI and CID

     

       102
       +
       	output := UpdateCommentOutput{

     

       103
       +
       		URI: response.URI,

     

       104
       +
       		CID: response.CID,

     

       105
       +
       	}

     

       106
       +
       

     

       107
       +
       	w.Header().Set("Content-Type", "application/json")

     

       108
       +
       	w.WriteHeader(http.StatusOK)

     

       109
       +
       	if err := json.NewEncoder(w).Encode(output); err != nil {

     

       110
       +
       		log.Printf("Failed to encode response: %v", err)

     

       111
       +
       	}

     

       112
       +
       }

+35

internal/api/routes/comment.go

···

       1
       +
       package routes

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/handlers/comments"

     

       5
       +
       	"Coves/internal/api/middleware"

     

       6
       +
       	commentsCore "Coves/internal/core/comments"

     

       7
       +
       

     

       8
       +
       	"github.com/go-chi/chi/v5"

     

       9
       +
       )

     

       10
       +
       

     

       11
       +
       // RegisterCommentRoutes registers comment-related XRPC endpoints on the router

     

       12
       +
       // Implements social.coves.community.comment.* lexicon endpoints

     

       13
       +
       // All write operations (create, update, delete) require authentication

     

       14
       +
       func RegisterCommentRoutes(r chi.Router, service commentsCore.Service, authMiddleware *middleware.OAuthAuthMiddleware) {

     

       15
       +
       	// Initialize handlers

     

       16
       +
       	createHandler := comments.NewCreateCommentHandler(service)

     

       17
       +
       	updateHandler := comments.NewUpdateCommentHandler(service)

     

       18
       +
       	deleteHandler := comments.NewDeleteCommentHandler(service)

     

       19
       +
       

     

       20
       +
       	// Procedure endpoints (POST) - require authentication

     

       21
       +
       	// social.coves.community.comment.create - create a new comment on a post or another comment

     

       22
       +
       	r.With(authMiddleware.RequireAuth).Post(

     

       23
       +
       		"/xrpc/social.coves.community.comment.create",

     

       24
       +
       		createHandler.HandleCreate)

     

       25
       +
       

     

       26
       +
       	// social.coves.community.comment.update - update an existing comment's content

     

       27
       +
       	r.With(authMiddleware.RequireAuth).Post(

     

       28
       +
       		"/xrpc/social.coves.community.comment.update",

     

       29
       +
       		updateHandler.HandleUpdate)

     

       30
       +
       

     

       31
       +
       	// social.coves.community.comment.delete - soft delete a comment

     

       32
       +
       	r.With(authMiddleware.RequireAuth).Post(

     

       33
       +
       		"/xrpc/social.coves.community.comment.delete",

     

       34
       +
       		deleteHandler.HandleDelete)

     

       35
       +
       }

+4 -2

tests/integration/comment_query_test.go

···

       785
        
       	postRepo := postgres.NewPostRepository(db)

     

       786
        
       	userRepo := postgres.NewUserRepository(db)

     

       787
        
       	communityRepo := postgres.NewCommunityRepository(db)

     

       788
       -
       	return comments.NewCommentService(commentRepo, userRepo, postRepo, communityRepo)

     

       0
        
       
     

       789
        
       }

     

       790
        
       

     

       791
        
       // Helper: createTestCommentWithScore creates a comment with specific vote counts

     
···

       871
        
       	postRepo := postgres.NewPostRepository(db)

     

       872
        
       	userRepo := postgres.NewUserRepository(db)

     

       873
        
       	communityRepo := postgres.NewCommunityRepository(db)

     

       874
       -
       	service := comments.NewCommentService(commentRepo, userRepo, postRepo, communityRepo)

     

       0
        
       
     

       875
        
       	return &testCommentServiceAdapter{service: service}

     

       876
        
       }

     

       877

···

       785
        
       	postRepo := postgres.NewPostRepository(db)

     

       786
        
       	userRepo := postgres.NewUserRepository(db)

     

       787
        
       	communityRepo := postgres.NewCommunityRepository(db)

     

       788
       +
       	// Use factory constructor with nil factory - these tests only use the read path (GetComments)

     

       789
       +
       	return comments.NewCommentServiceWithPDSFactory(commentRepo, userRepo, postRepo, communityRepo, nil, nil)

     

       790
        
       }

     

       791
        
       

     

       792
        
       // Helper: createTestCommentWithScore creates a comment with specific vote counts

     
···

       872
        
       	postRepo := postgres.NewPostRepository(db)

     

       873
        
       	userRepo := postgres.NewUserRepository(db)

     

       874
        
       	communityRepo := postgres.NewCommunityRepository(db)

     

       875
       +
       	// Use factory constructor with nil factory - these tests only use the read path (GetComments)

     

       876
       +
       	service := comments.NewCommentServiceWithPDSFactory(commentRepo, userRepo, postRepo, communityRepo, nil, nil)

     

       877
        
       	return &testCommentServiceAdapter{service: service}

     

       878
        
       }

     

       879

+6 -3

tests/integration/comment_vote_test.go

···

       417
        
       		}

     

       418
        
       

     

       419
        
       		// Query comments with viewer authentication

     

       420
       -
       		commentService := comments.NewCommentService(commentRepo, userRepo, postRepo, communityRepo)

     

       0
        
       
     

       421
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       422
        
       			PostURI:   testPostURI,

     

       423
        
       			Sort:      "new",

     
···

       499
        
       		}

     

       500
        
       

     

       501
        
       		// Query with authentication but no vote

     

       502
       -
       		commentService := comments.NewCommentService(commentRepo, userRepo, postRepo, communityRepo)

     

       0
        
       
     

       503
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       504
        
       			PostURI:   testPostURI,

     

       505
        
       			Sort:      "new",

     
···

       542
        
       

     

       543
        
       	t.Run("Unauthenticated request has no viewer state", func(t *testing.T) {

     

       544
        
       		// Query without authentication

     

       545
       -
       		commentService := comments.NewCommentService(commentRepo, userRepo, postRepo, communityRepo)

     

       0
        
       
     

       546
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       547
        
       			PostURI:   testPostURI,

     

       548
        
       			Sort:      "new",

···

       417
        
       		}

     

       418
        
       

     

       419
        
       		// Query comments with viewer authentication

     

       420
       +
       		// Use factory constructor with nil factory - this test only uses the read path (GetComments)

     

       421
       +
       		commentService := comments.NewCommentServiceWithPDSFactory(commentRepo, userRepo, postRepo, communityRepo, nil, nil)

     

       422
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       423
        
       			PostURI:   testPostURI,

     

       424
        
       			Sort:      "new",

     
···

       500
        
       		}

     

       501
        
       

     

       502
        
       		// Query with authentication but no vote

     

       503
       +
       		// Use factory constructor with nil factory - this test only uses the read path (GetComments)

     

       504
       +
       		commentService := comments.NewCommentServiceWithPDSFactory(commentRepo, userRepo, postRepo, communityRepo, nil, nil)

     

       505
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       506
        
       			PostURI:   testPostURI,

     

       507
        
       			Sort:      "new",

     
···

       544
        
       

     

       545
        
       	t.Run("Unauthenticated request has no viewer state", func(t *testing.T) {

     

       546
        
       		// Query without authentication

     

       547
       +
       		// Use factory constructor with nil factory - this test only uses the read path (GetComments)

     

       548
       +
       		commentService := comments.NewCommentServiceWithPDSFactory(commentRepo, userRepo, postRepo, communityRepo, nil, nil)

     

       549
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       550
        
       			PostURI:   testPostURI,

     

       551
        
       			Sort:      "new",

+2 -1

tests/integration/concurrent_scenarios_test.go

···

       454
        
       		}

     

       455
        
       

     

       456
        
       		// Verify all comments are retrievable via service

     

       457
       -
       		commentService := comments.NewCommentService(commentRepo, userRepo, postRepo, communityRepo)

     

       0
        
       
     

       458
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       459
        
       			PostURI:   postURI,

     

       460
        
       			Sort:      "new",

···

       454
        
       		}

     

       455
        
       

     

       456
        
       		// Verify all comments are retrievable via service

     

       457
       +
       		// Use factory constructor with nil factory - this test only uses the read path (GetComments)

     

       458
       +
       		commentService := comments.NewCommentServiceWithPDSFactory(commentRepo, userRepo, postRepo, communityRepo, nil, nil)

     

       459
        
       		response, err := commentService.GetComments(ctx, &comments.GetCommentsRequest{

     

       460
        
       			PostURI:   postURI,

     

       461
        
       			Sort:      "new",

+1 -1

go.mod

···

       72
        
       	github.com/prometheus/client_model v0.5.0 // indirect

     

       73
        
       	github.com/prometheus/common v0.45.0 // indirect

     

       74
        
       	github.com/prometheus/procfs v0.12.0 // indirect

     

       75
       -
       	github.com/rivo/uniseg v0.1.0 // indirect

     

       76
        
       	github.com/segmentio/asm v1.2.0 // indirect

     

       77
        
       	github.com/sethvargo/go-retry v0.3.0 // indirect

     

       78
        
       	github.com/spaolacci/murmur3 v1.1.0 // indirect

···

       72
        
       	github.com/prometheus/client_model v0.5.0 // indirect

     

       73
        
       	github.com/prometheus/common v0.45.0 // indirect

     

       74
        
       	github.com/prometheus/procfs v0.12.0 // indirect

     

       75
       +
       	github.com/rivo/uniseg v0.4.7 // indirect

     

       76
        
       	github.com/segmentio/asm v1.2.0 // indirect

     

       77
        
       	github.com/sethvargo/go-retry v0.3.0 // indirect

     

       78
        
       	github.com/spaolacci/murmur3 v1.1.0 // indirect

go.sum

···

       159
        
       github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=

     

       160
        
       github.com/rivo/uniseg v0.1.0 h1:+2KBaVoUmb9XzDsrx/Ct0W/EYOSFf/nWTauy++DprtY=

     

       161
        
       github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=

     

       0
        
       
     

       0
        
       
     

       162
        
       github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=

     

       163
        
       github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=

     

       164
        
       github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=

···

       159
        
       github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=

     

       160
        
       github.com/rivo/uniseg v0.1.0 h1:+2KBaVoUmb9XzDsrx/Ct0W/EYOSFf/nWTauy++DprtY=

     

       161
        
       github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=

     

       162
       +
       github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=

     

       163
       +
       github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=

     

       164
        
       github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=

     

       165
        
       github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=

     

       166
        
       github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=

+66

internal/db/migrations/021_add_comment_deletion_metadata.sql

···

       1
       +
       -- +goose Up

     

       2
       +
       -- Add deletion reason tracking to preserve thread structure while respecting privacy

     

       3
       +
       -- When comments are deleted, we blank content but keep the record for threading

     

       4
       +
       

     

       5
       +
       -- Create enum type for deletion reasons

     

       6
       +
       CREATE TYPE deletion_reason AS ENUM ('author', 'moderator');

     

       7
       +
       

     

       8
       +
       -- Add new columns to comments table

     

       9
       +
       ALTER TABLE comments ADD COLUMN deletion_reason deletion_reason;

     

       10
       +
       ALTER TABLE comments ADD COLUMN deleted_by TEXT;

     

       11
       +
       

     

       12
       +
       -- Add comments for new columns

     

       13
       +
       COMMENT ON COLUMN comments.deletion_reason IS 'Reason for deletion: author (user deleted), moderator (community mod removed)';

     

       14
       +
       COMMENT ON COLUMN comments.deleted_by IS 'DID of the actor who performed the deletion';

     

       15
       +
       

     

       16
       +
       -- Backfill existing deleted comments as author-deleted

     

       17
       +
       -- This handles existing soft-deleted comments gracefully

     

       18
       +
       UPDATE comments

     

       19
       +
       SET deletion_reason = 'author',

     

       20
       +
           deleted_by = commenter_did

     

       21
       +
       WHERE deleted_at IS NOT NULL AND deletion_reason IS NULL;

     

       22
       +
       

     

       23
       +
       -- Modify existing indexes to NOT filter deleted_at IS NULL

     

       24
       +
       -- This allows deleted comments to appear in thread queries for structure preservation

     

       25
       +
       -- Note: We drop and recreate to change the partial index condition

     

       26
       +
       

     

       27
       +
       -- Drop old partial indexes that exclude deleted comments

     

       28
       +
       DROP INDEX IF EXISTS idx_comments_root;

     

       29
       +
       DROP INDEX IF EXISTS idx_comments_parent;

     

       30
       +
       DROP INDEX IF EXISTS idx_comments_parent_score;

     

       31
       +
       DROP INDEX IF EXISTS idx_comments_uri_active;

     

       32
       +
       

     

       33
       +
       -- Recreate indexes without the deleted_at filter (include all comments for threading)

     

       34
       +
       CREATE INDEX idx_comments_root ON comments(root_uri, created_at DESC);

     

       35
       +
       CREATE INDEX idx_comments_parent ON comments(parent_uri, created_at DESC);

     

       36
       +
       CREATE INDEX idx_comments_parent_score ON comments(parent_uri, score DESC, created_at DESC);

     

       37
       +
       CREATE INDEX idx_comments_uri_lookup ON comments(uri);

     

       38
       +
       

     

       39
       +
       -- Add index for querying by deletion_reason (for moderation dashboard)

     

       40
       +
       CREATE INDEX idx_comments_deleted_reason ON comments(deletion_reason, deleted_at DESC)

     

       41
       +
       WHERE deleted_at IS NOT NULL;

     

       42
       +
       

     

       43
       +
       -- Add index for querying by deleted_by (for moderation audit/filtering)

     

       44
       +
       CREATE INDEX idx_comments_deleted_by ON comments(deleted_by, deleted_at DESC)

     

       45
       +
       WHERE deleted_at IS NOT NULL;

     

       46
       +
       

     

       47
       +
       -- +goose Down

     

       48
       +
       -- Remove deletion metadata columns and restore original indexes

     

       49
       +
       

     

       50
       +
       DROP INDEX IF EXISTS idx_comments_deleted_by;

     

       51
       +
       DROP INDEX IF EXISTS idx_comments_deleted_reason;

     

       52
       +
       DROP INDEX IF EXISTS idx_comments_uri_lookup;

     

       53
       +
       DROP INDEX IF EXISTS idx_comments_parent_score;

     

       54
       +
       DROP INDEX IF EXISTS idx_comments_parent;

     

       55
       +
       DROP INDEX IF EXISTS idx_comments_root;

     

       56
       +
       

     

       57
       +
       -- Restore original partial indexes (excluding deleted comments)

     

       58
       +
       CREATE INDEX idx_comments_root ON comments(root_uri, created_at DESC) WHERE deleted_at IS NULL;

     

       59
       +
       CREATE INDEX idx_comments_parent ON comments(parent_uri, created_at DESC) WHERE deleted_at IS NULL;

     

       60
       +
       CREATE INDEX idx_comments_parent_score ON comments(parent_uri, score DESC, created_at DESC) WHERE deleted_at IS NULL;

     

       61
       +
       CREATE INDEX idx_comments_uri_active ON comments(uri) WHERE deleted_at IS NULL;

     

       62
       +
       

     

       63
       +
       ALTER TABLE comments DROP COLUMN IF EXISTS deleted_by;

     

       64
       +
       ALTER TABLE comments DROP COLUMN IF EXISTS deletion_reason;

     

       65
       +
       

     

       66
       +
       DROP TYPE IF EXISTS deletion_reason;

+17 -13

internal/core/comments/view_models.go

···

       7
        
       // CommentView represents the full view of a comment with all metadata

     

       8
        
       // Matches social.coves.community.comment.getComments#commentView lexicon

     

       9
        
       // Used in thread views and get endpoints

     

       0
        
       
     

       10
        
       type CommentView struct {

     

       11
       -
       	Embed         interface{}         `json:"embed,omitempty"`

     

       12
       -
       	Record        interface{}         `json:"record"`

     

       13
       -
       	Viewer        *CommentViewerState `json:"viewer,omitempty"`

     

       14
       -
       	Author        *posts.AuthorView   `json:"author"`

     

       15
       -
       	Post          *CommentRef         `json:"post"`

     

       16
       -
       	Parent        *CommentRef         `json:"parent,omitempty"`

     

       17
       -
       	Stats         *CommentStats       `json:"stats"`

     

       18
       -
       	Content       string              `json:"content"`

     

       19
       -
       	CreatedAt     string              `json:"createdAt"`

     

       20
       -
       	IndexedAt     string              `json:"indexedAt"`

     

       21
       -
       	URI           string              `json:"uri"`

     

       22
       -
       	CID           string              `json:"cid"`

     

       23
       -
       	ContentFacets []interface{}       `json:"contentFacets,omitempty"`

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       24
        
       }

     

       25
        
       

     

       26
        
       // ThreadViewComment represents a comment with its nested replies

···

       7
        
       // CommentView represents the full view of a comment with all metadata

     

       8
        
       // Matches social.coves.community.comment.getComments#commentView lexicon

     

       9
        
       // Used in thread views and get endpoints

     

       10
       +
       // For deleted comments, IsDeleted=true and content-related fields are empty/nil

     

       11
        
       type CommentView struct {

     

       12
       +
       	Embed          interface{}         `json:"embed,omitempty"`

     

       13
       +
       	Record         interface{}         `json:"record"`

     

       14
       +
       	Viewer         *CommentViewerState `json:"viewer,omitempty"`

     

       15
       +
       	Author         *posts.AuthorView   `json:"author"`

     

       16
       +
       	Post           *CommentRef         `json:"post"`

     

       17
       +
       	Parent         *CommentRef         `json:"parent,omitempty"`

     

       18
       +
       	Stats          *CommentStats       `json:"stats"`

     

       19
       +
       	Content        string              `json:"content"`

     

       20
       +
       	CreatedAt      string              `json:"createdAt"`

     

       21
       +
       	IndexedAt      string              `json:"indexedAt"`

     

       22
       +
       	URI            string              `json:"uri"`

     

       23
       +
       	CID            string              `json:"cid"`

     

       24
       +
       	ContentFacets  []interface{}       `json:"contentFacets,omitempty"`

     

       25
       +
       	IsDeleted      bool                `json:"isDeleted,omitempty"`

     

       26
       +
       	DeletionReason *string             `json:"deletionReason,omitempty"`

     

       27
       +
       	DeletedAt      *string             `json:"deletedAt,omitempty"`

     

       28
        
       }

     

       29
        
       

     

       30
        
       // ThreadViewComment represents a comment with its nested replies

+23 -1

internal/core/comments/interfaces.go

···

       1
        
       package comments

     

       2
        
       

     

       3
       -
       import "context"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       4
        
       

     

       5
        
       // Repository defines the data access interface for comments

     

       6
        
       // Used by Jetstream consumer to index comments from firehose

     
···

       25
        
       

     

       26
        
       	// Delete soft-deletes a comment (sets deleted_at)

     

       27
        
       	// Called by Jetstream consumer after comment is deleted from PDS

     

       0
        
       
     

       28
        
       	Delete(ctx context.Context, uri string) error

     

       29
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       30
        
       	// ListByRoot retrieves all comments in a thread (flat)

     

       31
        
       	// Used for fetching entire comment threads on posts

     

       32
        
       	ListByRoot(ctx context.Context, rootURI string, limit, offset int) ([]*Comment, error)

     
···

       76
        
       		limitPerParent int,

     

       77
        
       	) (map[string][]*Comment, error)

     

       78
        
       }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       1
        
       package comments

     

       2
        
       

     

       3
       +
       import (

     

       4
       +
       	"context"

     

       5
       +
       	"database/sql"

     

       6
       +
       )

     

       7
        
       

     

       8
        
       // Repository defines the data access interface for comments

     

       9
        
       // Used by Jetstream consumer to index comments from firehose

     
···

       28
        
       

     

       29
        
       	// Delete soft-deletes a comment (sets deleted_at)

     

       30
        
       	// Called by Jetstream consumer after comment is deleted from PDS

     

       31
       +
       	// Deprecated: Use SoftDeleteWithReason for new code to preserve thread structure

     

       32
        
       	Delete(ctx context.Context, uri string) error

     

       33
        
       

     

       34
       +
       	// SoftDeleteWithReason performs a soft delete that blanks content but preserves thread structure

     

       35
       +
       	// This allows deleted comments to appear as "[deleted]" placeholders in thread views

     

       36
       +
       	// reason: "author" (user deleted) or "moderator" (mod removed)

     

       37
       +
       	// deletedByDID: DID of the actor who performed the deletion

     

       38
       +
       	SoftDeleteWithReason(ctx context.Context, uri, reason, deletedByDID string) error

     

       39
       +
       

     

       40
        
       	// ListByRoot retrieves all comments in a thread (flat)

     

       41
        
       	// Used for fetching entire comment threads on posts

     

       42
        
       	ListByRoot(ctx context.Context, rootURI string, limit, offset int) ([]*Comment, error)

     
···

       86
        
       		limitPerParent int,

     

       87
        
       	) (map[string][]*Comment, error)

     

       88
        
       }

     

       89
       +
       

     

       90
       +
       // RepositoryTx provides transaction-aware operations for consumers that need atomicity

     

       91
       +
       // Used by Jetstream consumer to perform atomic delete + count updates

     

       92
       +
       // Implementations that support transactions should also implement this interface

     

       93
       +
       type RepositoryTx interface {

     

       94
       +
       	// SoftDeleteWithReasonTx performs a soft delete within a transaction

     

       95
       +
       	// If tx is nil, executes directly against the database

     

       96
       +
       	// Returns rows affected count for callers that need to check idempotency

     

       97
       +
       	// reason: must be DeletionReasonAuthor or DeletionReasonModerator

     

       98
       +
       	// deletedByDID: DID of the actor who performed the deletion

     

       99
       +
       	SoftDeleteWithReasonTx(ctx context.Context, tx *sql.Tx, uri, reason, deletedByDID string) (int64, error)

     

       100
       +
       }

+87 -27

internal/db/postgres/comment_repo.go

···

       120
        
       			id, uri, cid, rkey, commenter_did,

     

       121
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       122
        
       			content, content_facets, embed, content_labels, langs,

     

       123
       -
       			created_at, indexed_at, deleted_at,

     

       124
        
       			upvote_count, downvote_count, score, reply_count

     

       125
        
       		FROM comments

     

       126
        
       		WHERE uri = $1

     
···

       133
        
       		&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       134
        
       		&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       135
        
       		&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       136
       -
       		&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt,

     

       137
        
       		&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       138
        
       	)

     

       139
        
       

     
···

       152
        
       // Delete soft-deletes a comment (sets deleted_at)

     

       153
        
       // Called by Jetstream consumer after comment is deleted from PDS

     

       154
        
       // Idempotent: Returns success if comment already deleted

     

       0
        
       
     

       155
        
       func (r *postgresCommentRepo) Delete(ctx context.Context, uri string) error {

     

       156
        
       	query := `

     

       157
        
       		UPDATE comments

     
···

       177
        
       	return nil

     

       178
        
       }

     

       179
        
       

     

       180
       -
       // ListByRoot retrieves all active comments in a thread (flat)

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       181
        
       // Used for fetching entire comment threads on posts

     

       0
        
       
     

       182
        
       func (r *postgresCommentRepo) ListByRoot(ctx context.Context, rootURI string, limit, offset int) ([]*comments.Comment, error) {

     

       183
        
       	query := `

     

       184
        
       		SELECT

     

       185
        
       			id, uri, cid, rkey, commenter_did,

     

       186
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       187
        
       			content, content_facets, embed, content_labels, langs,

     

       188
       -
       			created_at, indexed_at, deleted_at,

     

       189
        
       			upvote_count, downvote_count, score, reply_count

     

       190
        
       		FROM comments

     

       191
       -
       		WHERE root_uri = $1 AND deleted_at IS NULL

     

       192
        
       		ORDER BY created_at ASC

     

       193
        
       		LIMIT $2 OFFSET $3

     

       194
        
       	`

     
···

       212
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       213
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       214
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       215
       -
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt,

     

       216
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       217
        
       		)

     

       218
        
       		if err != nil {

     
···

       230
        
       	return result, nil

     

       231
        
       }

     

       232
        
       

     

       233
       -
       // ListByParent retrieves direct replies to a post or comment

     

       234
        
       // Used for building nested/threaded comment views

     

       0
        
       
     

       235
        
       func (r *postgresCommentRepo) ListByParent(ctx context.Context, parentURI string, limit, offset int) ([]*comments.Comment, error) {

     

       236
        
       	query := `

     

       237
        
       		SELECT

     

       238
        
       			id, uri, cid, rkey, commenter_did,

     

       239
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       240
        
       			content, content_facets, embed, content_labels, langs,

     

       241
       -
       			created_at, indexed_at, deleted_at,

     

       242
        
       			upvote_count, downvote_count, score, reply_count

     

       243
        
       		FROM comments

     

       244
       -
       		WHERE parent_uri = $1 AND deleted_at IS NULL

     

       245
        
       		ORDER BY created_at ASC

     

       246
        
       		LIMIT $2 OFFSET $3

     

       247
        
       	`

     
···

       265
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       266
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       267
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       268
       -
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt,

     

       269
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       270
        
       		)

     

       271
        
       		if err != nil {

     
···

       302
        
       }

     

       303
        
       

     

       304
        
       // ListByCommenter retrieves all active comments by a specific user

     

       305
       -
       // Future: Used for user comment history

     

       306
        
       func (r *postgresCommentRepo) ListByCommenter(ctx context.Context, commenterDID string, limit, offset int) ([]*comments.Comment, error) {

     

       307
        
       	query := `

     

       308
        
       		SELECT

     

       309
        
       			id, uri, cid, rkey, commenter_did,

     

       310
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       311
        
       			content, content_facets, embed, content_labels, langs,

     

       312
       -
       			created_at, indexed_at, deleted_at,

     

       313
        
       			upvote_count, downvote_count, score, reply_count

     

       314
        
       		FROM comments

     

       315
        
       		WHERE commenter_did = $1 AND deleted_at IS NULL

     
···

       336
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       337
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       338
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       339
       -
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt,

     

       340
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       341
        
       		)

     

       342
        
       		if err != nil {

     
···

       391
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       392
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       393
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       394
       -
       			c.created_at, c.indexed_at, c.deleted_at,

     

       395
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       396
        
       			log(greatest(2, c.score + 2)) / power(((EXTRACT(EPOCH FROM (NOW() - c.created_at)) / 3600) + 2), 1.8) as hot_rank,

     

       397
        
       			COALESCE(u.handle, c.commenter_did) as author_handle

     
···

       402
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       403
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       404
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       405
       -
       			c.created_at, c.indexed_at, c.deleted_at,

     

       406
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       407
        
       			NULL::numeric as hot_rank,

     

       408
        
       			COALESCE(u.handle, c.commenter_did) as author_handle

     
···

       411
        
       

     

       412
        
       	// Build complete query with JOINs and filters

     

       413
        
       	// LEFT JOIN prevents data loss when user record hasn't been indexed yet (out-of-order Jetstream events)

     

       0
        
       
     

       414
        
       	query := fmt.Sprintf(`

     

       415
        
       		%s

     

       416
        
       		LEFT JOIN users u ON c.commenter_did = u.did

     

       417
       -
       		WHERE c.parent_uri = $1 AND c.deleted_at IS NULL

     

       418
        
       			%s

     

       419
        
       			%s

     

       420
        
       		ORDER BY %s

     
···

       449
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       450
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       451
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       452
       -
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt,

     

       453
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       454
        
       			&hotRank, &authorHandle,

     

       455
        
       		)

     
···

       687
        
       

     

       688
        
       // GetByURIsBatch retrieves multiple comments by their AT-URIs in a single query

     

       689
        
       // Returns map[uri]*Comment for efficient lookups without N+1 queries

     

       0
        
       
     

       690
        
       func (r *postgresCommentRepo) GetByURIsBatch(ctx context.Context, uris []string) (map[string]*comments.Comment, error) {

     

       691
        
       	if len(uris) == 0 {

     

       692
        
       		return make(map[string]*comments.Comment), nil

     
···

       694
        
       

     

       695
        
       	// LEFT JOIN prevents data loss when user record hasn't been indexed yet (out-of-order Jetstream events)

     

       696
        
       	// COALESCE falls back to DID when handle is NULL (user not yet in users table)

     

       0
        
       
     

       697
        
       	query := `

     

       698
        
       		SELECT

     

       699
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       700
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       701
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       702
       -
       			c.created_at, c.indexed_at, c.deleted_at,

     

       703
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       704
        
       			COALESCE(u.handle, c.commenter_did) as author_handle

     

       705
        
       		FROM comments c

     

       706
        
       		LEFT JOIN users u ON c.commenter_did = u.did

     

       707
       -
       		WHERE c.uri = ANY($1) AND c.deleted_at IS NULL

     

       708
        
       	`

     

       709
        
       

     

       710
        
       	rows, err := r.db.QueryContext(ctx, query, pq.Array(uris))

     
···

       727
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       728
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       729
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       730
       -
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt,

     

       731
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       732
        
       			&authorHandle,

     

       733
        
       		)

     
···

       769
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       770
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       771
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       772
       -
       			c.created_at, c.indexed_at, c.deleted_at,

     

       773
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       774
        
       			log(greatest(2, c.score + 2)) / power(((EXTRACT(EPOCH FROM (NOW() - c.created_at)) / 3600) + 2), 1.8) as hot_rank,

     

       775
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       780
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       781
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       782
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       783
       -
       			c.created_at, c.indexed_at, c.deleted_at,

     

       784
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       785
        
       			NULL::numeric as hot_rank,

     

       786
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       790
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       791
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       792
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       793
       -
       			c.created_at, c.indexed_at, c.deleted_at,

     

       794
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       795
        
       			NULL::numeric as hot_rank,

     

       796
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       801
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       802
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       803
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       804
       -
       			c.created_at, c.indexed_at, c.deleted_at,

     

       805
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       806
        
       			log(greatest(2, c.score + 2)) / power(((EXTRACT(EPOCH FROM (NOW() - c.created_at)) / 3600) + 2), 1.8) as hot_rank,

     

       807
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       812
        
       	// Use window function to limit results per parent

     

       813
        
       	// This is more efficient than LIMIT in a subquery per parent

     

       814
        
       	// LEFT JOIN prevents data loss when user record hasn't been indexed yet (out-of-order Jetstream events)

     

       0
        
       
     

       815
        
       	query := fmt.Sprintf(`

     

       816
        
       		WITH ranked_comments AS (

     

       817
        
       			SELECT

     
···

       822
        
       				) as rn

     

       823
        
       			FROM comments c

     

       824
        
       			LEFT JOIN users u ON c.commenter_did = u.did

     

       825
       -
       			WHERE c.parent_uri = ANY($1) AND c.deleted_at IS NULL

     

       826
        
       		)

     

       827
        
       		SELECT

     

       828
        
       			id, uri, cid, rkey, commenter_did,

     

       829
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       830
        
       			content, content_facets, embed, content_labels, langs,

     

       831
       -
       			created_at, indexed_at, deleted_at,

     

       832
        
       			upvote_count, downvote_count, score, reply_count,

     

       833
        
       			hot_rank, author_handle

     

       834
        
       		FROM ranked_comments

     
···

       858
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       859
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       860
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       861
       -
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt,

     

       862
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       863
        
       			&hotRank, &authorHandle,

     

       864
        
       		)

···

       120
        
       			id, uri, cid, rkey, commenter_did,

     

       121
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       122
        
       			content, content_facets, embed, content_labels, langs,

     

       123
       +
       			created_at, indexed_at, deleted_at, deletion_reason, deleted_by,

     

       124
        
       			upvote_count, downvote_count, score, reply_count

     

       125
        
       		FROM comments

     

       126
        
       		WHERE uri = $1

     
···

       133
        
       		&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       134
        
       		&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       135
        
       		&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       136
       +
       		&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt, &comment.DeletionReason, &comment.DeletedBy,

     

       137
        
       		&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       138
        
       	)

     

       139
        
       

     
···

       152
        
       // Delete soft-deletes a comment (sets deleted_at)

     

       153
        
       // Called by Jetstream consumer after comment is deleted from PDS

     

       154
        
       // Idempotent: Returns success if comment already deleted

     

       155
       +
       // Deprecated: Use SoftDeleteWithReason for new code to preserve thread structure

     

       156
        
       func (r *postgresCommentRepo) Delete(ctx context.Context, uri string) error {

     

       157
        
       	query := `

     

       158
        
       		UPDATE comments

     
···

       178
        
       	return nil

     

       179
        
       }

     

       180
        
       

     

       181
       +
       // SoftDeleteWithReason performs a soft delete that blanks content but preserves thread structure

     

       182
       +
       // This allows deleted comments to appear as "[deleted]" placeholders in thread views

     

       183
       +
       // Idempotent: Returns success if comment already deleted

     

       184
       +
       // Validates that reason is a known deletion reason constant

     

       185
       +
       func (r *postgresCommentRepo) SoftDeleteWithReason(ctx context.Context, uri, reason, deletedByDID string) error {

     

       186
       +
       	// Validate deletion reason

     

       187
       +
       	if reason != comments.DeletionReasonAuthor && reason != comments.DeletionReasonModerator {

     

       188
       +
       		return fmt.Errorf("invalid deletion reason: %s", reason)

     

       189
       +
       	}

     

       190
       +
       

     

       191
       +
       	_, err := r.SoftDeleteWithReasonTx(ctx, nil, uri, reason, deletedByDID)

     

       192
       +
       	return err

     

       193
       +
       }

     

       194
       +
       

     

       195
       +
       // SoftDeleteWithReasonTx performs a soft delete within an optional transaction

     

       196
       +
       // If tx is nil, executes directly against the database

     

       197
       +
       // Returns rows affected count for callers that need to check idempotency

     

       198
       +
       // This method is used by both the repository and the Jetstream consumer

     

       199
       +
       func (r *postgresCommentRepo) SoftDeleteWithReasonTx(ctx context.Context, tx *sql.Tx, uri, reason, deletedByDID string) (int64, error) {

     

       200
       +
       	query := `

     

       201
       +
       		UPDATE comments

     

       202
       +
       		SET

     

       203
       +
       			content = '',

     

       204
       +
       			content_facets = NULL,

     

       205
       +
       			embed = NULL,

     

       206
       +
       			content_labels = NULL,

     

       207
       +
       			deleted_at = NOW(),

     

       208
       +
       			deletion_reason = $2,

     

       209
       +
       			deleted_by = $3

     

       210
       +
       		WHERE uri = $1 AND deleted_at IS NULL

     

       211
       +
       	`

     

       212
       +
       

     

       213
       +
       	var result sql.Result

     

       214
       +
       	var err error

     

       215
       +
       

     

       216
       +
       	if tx != nil {

     

       217
       +
       		result, err = tx.ExecContext(ctx, query, uri, reason, deletedByDID)

     

       218
       +
       	} else {

     

       219
       +
       		result, err = r.db.ExecContext(ctx, query, uri, reason, deletedByDID)

     

       220
       +
       	}

     

       221
       +
       

     

       222
       +
       	if err != nil {

     

       223
       +
       		return 0, fmt.Errorf("failed to soft delete comment: %w", err)

     

       224
       +
       	}

     

       225
       +
       

     

       226
       +
       	rowsAffected, err := result.RowsAffected()

     

       227
       +
       	if err != nil {

     

       228
       +
       		return 0, fmt.Errorf("failed to check delete result: %w", err)

     

       229
       +
       	}

     

       230
       +
       

     

       231
       +
       	return rowsAffected, nil

     

       232
       +
       }

     

       233
       +
       

     

       234
       +
       // ListByRoot retrieves all comments in a thread (flat), including deleted ones

     

       235
        
       // Used for fetching entire comment threads on posts

     

       236
       +
       // Includes deleted comments to preserve thread structure (shown as "[deleted]" placeholders)

     

       237
        
       func (r *postgresCommentRepo) ListByRoot(ctx context.Context, rootURI string, limit, offset int) ([]*comments.Comment, error) {

     

       238
        
       	query := `

     

       239
        
       		SELECT

     

       240
        
       			id, uri, cid, rkey, commenter_did,

     

       241
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       242
        
       			content, content_facets, embed, content_labels, langs,

     

       243
       +
       			created_at, indexed_at, deleted_at, deletion_reason, deleted_by,

     

       244
        
       			upvote_count, downvote_count, score, reply_count

     

       245
        
       		FROM comments

     

       246
       +
       		WHERE root_uri = $1

     

       247
        
       		ORDER BY created_at ASC

     

       248
        
       		LIMIT $2 OFFSET $3

     

       249
        
       	`

     
···

       267
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       268
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       269
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       270
       +
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt, &comment.DeletionReason, &comment.DeletedBy,

     

       271
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       272
        
       		)

     

       273
        
       		if err != nil {

     
···

       285
        
       	return result, nil

     

       286
        
       }

     

       287
        
       

     

       288
       +
       // ListByParent retrieves direct replies to a post or comment, including deleted ones

     

       289
        
       // Used for building nested/threaded comment views

     

       290
       +
       // Includes deleted comments to preserve thread structure (shown as "[deleted]" placeholders)

     

       291
        
       func (r *postgresCommentRepo) ListByParent(ctx context.Context, parentURI string, limit, offset int) ([]*comments.Comment, error) {

     

       292
        
       	query := `

     

       293
        
       		SELECT

     

       294
        
       			id, uri, cid, rkey, commenter_did,

     

       295
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       296
        
       			content, content_facets, embed, content_labels, langs,

     

       297
       +
       			created_at, indexed_at, deleted_at, deletion_reason, deleted_by,

     

       298
        
       			upvote_count, downvote_count, score, reply_count

     

       299
        
       		FROM comments

     

       300
       +
       		WHERE parent_uri = $1

     

       301
        
       		ORDER BY created_at ASC

     

       302
        
       		LIMIT $2 OFFSET $3

     

       303
        
       	`

     
···

       321
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       322
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       323
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       324
       +
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt, &comment.DeletionReason, &comment.DeletedBy,

     

       325
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       326
        
       		)

     

       327
        
       		if err != nil {

     
···

       358
        
       }

     

       359
        
       

     

       360
        
       // ListByCommenter retrieves all active comments by a specific user

     

       361
       +
       // Used for user comment history - filters out deleted comments

     

       362
        
       func (r *postgresCommentRepo) ListByCommenter(ctx context.Context, commenterDID string, limit, offset int) ([]*comments.Comment, error) {

     

       363
        
       	query := `

     

       364
        
       		SELECT

     

       365
        
       			id, uri, cid, rkey, commenter_did,

     

       366
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       367
        
       			content, content_facets, embed, content_labels, langs,

     

       368
       +
       			created_at, indexed_at, deleted_at, deletion_reason, deleted_by,

     

       369
        
       			upvote_count, downvote_count, score, reply_count

     

       370
        
       		FROM comments

     

       371
        
       		WHERE commenter_did = $1 AND deleted_at IS NULL

     
···

       392
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       393
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       394
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       395
       +
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt, &comment.DeletionReason, &comment.DeletedBy,

     

       396
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       397
        
       		)

     

       398
        
       		if err != nil {

     
···

       447
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       448
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       449
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       450
       +
       			c.created_at, c.indexed_at, c.deleted_at, c.deletion_reason, c.deleted_by,

     

       451
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       452
        
       			log(greatest(2, c.score + 2)) / power(((EXTRACT(EPOCH FROM (NOW() - c.created_at)) / 3600) + 2), 1.8) as hot_rank,

     

       453
        
       			COALESCE(u.handle, c.commenter_did) as author_handle

     
···

       458
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       459
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       460
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       461
       +
       			c.created_at, c.indexed_at, c.deleted_at, c.deletion_reason, c.deleted_by,

     

       462
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       463
        
       			NULL::numeric as hot_rank,

     

       464
        
       			COALESCE(u.handle, c.commenter_did) as author_handle

     
···

       467
        
       

     

       468
        
       	// Build complete query with JOINs and filters

     

       469
        
       	// LEFT JOIN prevents data loss when user record hasn't been indexed yet (out-of-order Jetstream events)

     

       470
       +
       	// Includes deleted comments to preserve thread structure (shown as "[deleted]" placeholders)

     

       471
        
       	query := fmt.Sprintf(`

     

       472
        
       		%s

     

       473
        
       		LEFT JOIN users u ON c.commenter_did = u.did

     

       474
       +
       		WHERE c.parent_uri = $1

     

       475
        
       			%s

     

       476
        
       			%s

     

       477
        
       		ORDER BY %s

     
···

       506
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       507
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       508
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       509
       +
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt, &comment.DeletionReason, &comment.DeletedBy,

     

       510
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       511
        
       			&hotRank, &authorHandle,

     

       512
        
       		)

     
···

       744
        
       

     

       745
        
       // GetByURIsBatch retrieves multiple comments by their AT-URIs in a single query

     

       746
        
       // Returns map[uri]*Comment for efficient lookups without N+1 queries

     

       747
       +
       // Includes deleted comments to preserve thread structure

     

       748
        
       func (r *postgresCommentRepo) GetByURIsBatch(ctx context.Context, uris []string) (map[string]*comments.Comment, error) {

     

       749
        
       	if len(uris) == 0 {

     

       750
        
       		return make(map[string]*comments.Comment), nil

     
···

       752
        
       

     

       753
        
       	// LEFT JOIN prevents data loss when user record hasn't been indexed yet (out-of-order Jetstream events)

     

       754
        
       	// COALESCE falls back to DID when handle is NULL (user not yet in users table)

     

       755
       +
       	// Includes deleted comments to preserve thread structure (shown as "[deleted]" placeholders)

     

       756
        
       	query := `

     

       757
        
       		SELECT

     

       758
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       759
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       760
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       761
       +
       			c.created_at, c.indexed_at, c.deleted_at, c.deletion_reason, c.deleted_by,

     

       762
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       763
        
       			COALESCE(u.handle, c.commenter_did) as author_handle

     

       764
        
       		FROM comments c

     

       765
        
       		LEFT JOIN users u ON c.commenter_did = u.did

     

       766
       +
       		WHERE c.uri = ANY($1)

     

       767
        
       	`

     

       768
        
       

     

       769
        
       	rows, err := r.db.QueryContext(ctx, query, pq.Array(uris))

     
···

       786
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       787
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       788
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       789
       +
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt, &comment.DeletionReason, &comment.DeletedBy,

     

       790
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       791
        
       			&authorHandle,

     

       792
        
       		)

     
···

       828
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       829
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       830
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       831
       +
       			c.created_at, c.indexed_at, c.deleted_at, c.deletion_reason, c.deleted_by,

     

       832
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       833
        
       			log(greatest(2, c.score + 2)) / power(((EXTRACT(EPOCH FROM (NOW() - c.created_at)) / 3600) + 2), 1.8) as hot_rank,

     

       834
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       839
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       840
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       841
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       842
       +
       			c.created_at, c.indexed_at, c.deleted_at, c.deletion_reason, c.deleted_by,

     

       843
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       844
        
       			NULL::numeric as hot_rank,

     

       845
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       849
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       850
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       851
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       852
       +
       			c.created_at, c.indexed_at, c.deleted_at, c.deletion_reason, c.deleted_by,

     

       853
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       854
        
       			NULL::numeric as hot_rank,

     

       855
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       860
        
       			c.id, c.uri, c.cid, c.rkey, c.commenter_did,

     

       861
        
       			c.root_uri, c.root_cid, c.parent_uri, c.parent_cid,

     

       862
        
       			c.content, c.content_facets, c.embed, c.content_labels, c.langs,

     

       863
       +
       			c.created_at, c.indexed_at, c.deleted_at, c.deletion_reason, c.deleted_by,

     

       864
        
       			c.upvote_count, c.downvote_count, c.score, c.reply_count,

     

       865
        
       			log(greatest(2, c.score + 2)) / power(((EXTRACT(EPOCH FROM (NOW() - c.created_at)) / 3600) + 2), 1.8) as hot_rank,

     

       866
        
       			COALESCE(u.handle, c.commenter_did) as author_handle`

     
···

       871
        
       	// Use window function to limit results per parent

     

       872
        
       	// This is more efficient than LIMIT in a subquery per parent

     

       873
        
       	// LEFT JOIN prevents data loss when user record hasn't been indexed yet (out-of-order Jetstream events)

     

       874
       +
       	// Includes deleted comments to preserve thread structure (shown as "[deleted]" placeholders)

     

       875
        
       	query := fmt.Sprintf(`

     

       876
        
       		WITH ranked_comments AS (

     

       877
        
       			SELECT

     
···

       882
        
       				) as rn

     

       883
        
       			FROM comments c

     

       884
        
       			LEFT JOIN users u ON c.commenter_did = u.did

     

       885
       +
       			WHERE c.parent_uri = ANY($1)

     

       886
        
       		)

     

       887
        
       		SELECT

     

       888
        
       			id, uri, cid, rkey, commenter_did,

     

       889
        
       			root_uri, root_cid, parent_uri, parent_cid,

     

       890
        
       			content, content_facets, embed, content_labels, langs,

     

       891
       +
       			created_at, indexed_at, deleted_at, deletion_reason, deleted_by,

     

       892
        
       			upvote_count, downvote_count, score, reply_count,

     

       893
        
       			hot_rank, author_handle

     

       894
        
       		FROM ranked_comments

     
···

       918
        
       			&comment.ID, &comment.URI, &comment.CID, &comment.RKey, &comment.CommenterDID,

     

       919
        
       			&comment.RootURI, &comment.RootCID, &comment.ParentURI, &comment.ParentCID,

     

       920
        
       			&comment.Content, &comment.ContentFacets, &comment.Embed, &comment.ContentLabels, &langs,

     

       921
       +
       			&comment.CreatedAt, &comment.IndexedAt, &comment.DeletedAt, &comment.DeletionReason, &comment.DeletedBy,

     

       922
        
       			&comment.UpvoteCount, &comment.DownvoteCount, &comment.Score, &comment.ReplyCount,

     

       923
        
       			&hotRank, &authorHandle,

     

       924
        
       		)

+5 -6

internal/core/comments/comment_service.go

···

       750
        
       		CreatedAt: createdAt, // Preserve original timestamp

     

       751
        
       	}

     

       752
        
       

     

       753
       -
       	// Update the record on PDS (putRecord)

     

       754
       -
       	// Note: This creates a new CID even though the URI stays the same

     

       755
       -
       	// TODO: Use PutRecord instead of CreateRecord for proper update semantics with optimistic locking.

     

       756
       -
       	// PutRecord should accept the existing CID (existingRecord.CID) to ensure concurrent updates are detected.

     

       757
       -
       	// However, PutRecord is not yet implemented in internal/atproto/pds/client.go.

     

       758
       -
       	uri, cid, err := pdsClient.CreateRecord(ctx, commentCollection, rkey, updatedRecord)

     

       759
        
       	if err != nil {

     

       760
        
       		s.logger.Error("failed to update comment on PDS",

     

       761
        
       			"error", err,

     
···

       764
        
       		if pds.IsAuthError(err) {

     

       765
        
       			return nil, ErrNotAuthorized

     

       766
        
       		}

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       767
        
       		return nil, fmt.Errorf("failed to update comment: %w", err)

     

       768
        
       	}

     

       769

···

       750
        
       		CreatedAt: createdAt, // Preserve original timestamp

     

       751
        
       	}

     

       752
        
       

     

       753
       +
       	// Update the record on PDS with optimistic locking via swapRecord CID

     

       754
       +
       	uri, cid, err := pdsClient.PutRecord(ctx, commentCollection, rkey, updatedRecord, existingRecord.CID)

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       755
        
       	if err != nil {

     

       756
        
       		s.logger.Error("failed to update comment on PDS",

     

       757
        
       			"error", err,

     
···

       760
        
       		if pds.IsAuthError(err) {

     

       761
        
       			return nil, ErrNotAuthorized

     

       762
        
       		}

     

       763
       +
       		if errors.Is(err, pds.ErrConflict) {

     

       764
       +
       			return nil, ErrConcurrentModification

     

       765
       +
       		}

     

       766
        
       		return nil, fmt.Errorf("failed to update comment: %w", err)

     

       767
        
       	}

     

       768

+2 -2

cmd/server/main.go

···

       543
        
       	routes.RegisterTimelineRoutes(r, timelineService, voteService, authMiddleware)

     

       544
        
       	log.Println("Timeline XRPC endpoints registered (requires authentication, includes viewer vote state)")

     

       545
        
       

     

       546
       -
       	routes.RegisterDiscoverRoutes(r, discoverService)

     

       547
       -
       	log.Println("Discover XRPC endpoints registered (public, no auth required)")

     

       548
        
       

     

       549
        
       	routes.RegisterAggregatorRoutes(r, aggregatorService, userService, identityResolver)

     

       550
        
       	log.Println("Aggregator XRPC endpoints registered (query endpoints public, registration endpoint public)")

···

       543
        
       	routes.RegisterTimelineRoutes(r, timelineService, voteService, authMiddleware)

     

       544
        
       	log.Println("Timeline XRPC endpoints registered (requires authentication, includes viewer vote state)")

     

       545
        
       

     

       546
       +
       	routes.RegisterDiscoverRoutes(r, discoverService, voteService, authMiddleware)

     

       547
       +
       	log.Println("Discover XRPC endpoints registered (public with optional auth for viewer vote state)")

     

       548
        
       

     

       549
        
       	routes.RegisterAggregatorRoutes(r, aggregatorService, userService, identityResolver)

     

       550
        
       	log.Println("Aggregator XRPC endpoints registered (query endpoints public, registration endpoint public)")

+73

internal/api/handlers/common/viewer_state.go

···

       1
       +
       package common

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"Coves/internal/api/middleware"

     

       5
       +
       	"Coves/internal/core/posts"

     

       6
       +
       	"Coves/internal/core/votes"

     

       7
       +
       	"context"

     

       8
       +
       	"log"

     

       9
       +
       	"net/http"

     

       10
       +
       )

     

       11
       +
       

     

       12
       +
       // FeedPostProvider is implemented by any feed post wrapper that contains a PostView.

     

       13
       +
       // This allows the helper to work with different feed post types (discover, timeline, communityFeed).

     

       14
       +
       type FeedPostProvider interface {

     

       15
       +
       	GetPost() *posts.PostView

     

       16
       +
       }

     

       17
       +
       

     

       18
       +
       // PopulateViewerVoteState enriches feed posts with the authenticated user's vote state.

     

       19
       +
       // This is a no-op if voteService is nil or the request is unauthenticated.

     

       20
       +
       //

     

       21
       +
       // Parameters:

     

       22
       +
       //   - ctx: Request context for PDS calls

     

       23
       +
       //   - r: HTTP request (used to extract OAuth session)

     

       24
       +
       //   - voteService: Vote service for cache lookup (may be nil)

     

       25
       +
       //   - feedPosts: Posts to enrich with viewer state (must implement FeedPostProvider)

     

       26
       +
       //

     

       27
       +
       // The function logs but does not fail on errors - viewer state is optional enrichment.

     

       28
       +
       func PopulateViewerVoteState[T FeedPostProvider](

     

       29
       +
       	ctx context.Context,

     

       30
       +
       	r *http.Request,

     

       31
       +
       	voteService votes.Service,

     

       32
       +
       	feedPosts []T,

     

       33
       +
       ) {

     

       34
       +
       	if voteService == nil {

     

       35
       +
       		return

     

       36
       +
       	}

     

       37
       +
       

     

       38
       +
       	session := middleware.GetOAuthSession(r)

     

       39
       +
       	if session == nil {

     

       40
       +
       		return

     

       41
       +
       	}

     

       42
       +
       

     

       43
       +
       	userDID := middleware.GetUserDID(r)

     

       44
       +
       

     

       45
       +
       	// Ensure vote cache is populated from PDS

     

       46
       +
       	if err := voteService.EnsureCachePopulated(ctx, session); err != nil {

     

       47
       +
       		log.Printf("Warning: failed to populate vote cache: %v", err)

     

       48
       +
       		return

     

       49
       +
       	}

     

       50
       +
       

     

       51
       +
       	// Collect post URIs to batch lookup

     

       52
       +
       	postURIs := make([]string, 0, len(feedPosts))

     

       53
       +
       	for _, feedPost := range feedPosts {

     

       54
       +
       		if post := feedPost.GetPost(); post != nil {

     

       55
       +
       			postURIs = append(postURIs, post.URI)

     

       56
       +
       		}

     

       57
       +
       	}

     

       58
       +
       

     

       59
       +
       	// Get viewer votes for all posts

     

       60
       +
       	viewerVotes := voteService.GetViewerVotesForSubjects(userDID, postURIs)

     

       61
       +
       

     

       62
       +
       	// Populate viewer state on each post

     

       63
       +
       	for _, feedPost := range feedPosts {

     

       64
       +
       		if post := feedPost.GetPost(); post != nil {

     

       65
       +
       			if vote, exists := viewerVotes[post.URI]; exists {

     

       66
       +
       				post.Viewer = &posts.ViewerState{

     

       67
       +
       					Vote:    &vote.Direction,

     

       68
       +
       					VoteURI: &vote.URI,

     

       69
       +
       				}

     

       70
       +
       			}

     

       71
       +
       		}

     

       72
       +
       	}

     

       73
       +
       }

+11 -4

internal/api/handlers/discover/get_discover.go

···

       1
        
       package discover

     

       2
        
       

     

       3
        
       import (

     

       0
        
       
     

       4
        
       	"Coves/internal/core/discover"

     

       5
        
       	"Coves/internal/core/posts"

     

       0
        
       
     

       6
        
       	"encoding/json"

     

       7
        
       	"log"

     

       8
        
       	"net/http"

     
···

       11
        
       

     

       12
        
       // GetDiscoverHandler handles discover feed retrieval

     

       13
        
       type GetDiscoverHandler struct {

     

       14
       -
       	service discover.Service

     

       0
        
       
     

       15
        
       }

     

       16
        
       

     

       17
        
       // NewGetDiscoverHandler creates a new discover handler

     

       18
       -
       func NewGetDiscoverHandler(service discover.Service) *GetDiscoverHandler {

     

       19
        
       	return &GetDiscoverHandler{

     

       20
       -
       		service: service,

     

       0
        
       
     

       21
        
       	}

     

       22
        
       }

     

       23
        
       

     

       24
        
       // HandleGetDiscover retrieves posts from all communities (public feed)

     

       25
        
       // GET /xrpc/social.coves.feed.getDiscover?sort=hot&limit=15&cursor=...

     

       26
       -
       // Public endpoint - no authentication required

     

       27
        
       func (h *GetDiscoverHandler) HandleGetDiscover(w http.ResponseWriter, r *http.Request) {

     

       28
        
       	if r.Method != http.MethodGet {

     

       29
        
       		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)

     
···

       40
        
       		return

     

       41
        
       	}

     

       42
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       43
        
       	// Transform blob refs to URLs for all posts

     

       44
        
       	for _, feedPost := range response.Feed {

     

       45
        
       		if feedPost.Post != nil {

···

       1
        
       package discover

     

       2
        
       

     

       3
        
       import (

     

       4
       +
       	"Coves/internal/api/handlers/common"

     

       5
        
       	"Coves/internal/core/discover"

     

       6
        
       	"Coves/internal/core/posts"

     

       7
       +
       	"Coves/internal/core/votes"

     

       8
        
       	"encoding/json"

     

       9
        
       	"log"

     

       10
        
       	"net/http"

     
···

       13
        
       

     

       14
        
       // GetDiscoverHandler handles discover feed retrieval

     

       15
        
       type GetDiscoverHandler struct {

     

       16
       +
       	service     discover.Service

     

       17
       +
       	voteService votes.Service

     

       18
        
       }

     

       19
        
       

     

       20
        
       // NewGetDiscoverHandler creates a new discover handler

     

       21
       +
       func NewGetDiscoverHandler(service discover.Service, voteService votes.Service) *GetDiscoverHandler {

     

       22
        
       	return &GetDiscoverHandler{

     

       23
       +
       		service:     service,

     

       24
       +
       		voteService: voteService,

     

       25
        
       	}

     

       26
        
       }

     

       27
        
       

     

       28
        
       // HandleGetDiscover retrieves posts from all communities (public feed)

     

       29
        
       // GET /xrpc/social.coves.feed.getDiscover?sort=hot&limit=15&cursor=...

     

       30
       +
       // Public endpoint with optional auth - if authenticated, includes viewer vote state

     

       31
        
       func (h *GetDiscoverHandler) HandleGetDiscover(w http.ResponseWriter, r *http.Request) {

     

       32
        
       	if r.Method != http.MethodGet {

     

       33
        
       		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)

     
···

       44
        
       		return

     

       45
        
       	}

     

       46
        
       

     

       47
       +
       	// Populate viewer vote state if authenticated

     

       48
       +
       	common.PopulateViewerVoteState(r.Context(), r, h.voteService, response.Feed)

     

       49
       +
       

     

       50
        
       	// Transform blob refs to URLs for all posts

     

       51
        
       	for _, feedPost := range response.Feed {

     

       52
        
       		if feedPost.Post != nil {

+9 -4

internal/api/routes/discover.go

···

       2
        
       

     

       3
        
       import (

     

       4
        
       	"Coves/internal/api/handlers/discover"

     

       0
        
       
     

       5
        
       	discoverCore "Coves/internal/core/discover"

     

       0
        
       
     

       6
        
       

     

       7
        
       	"github.com/go-chi/chi/v5"

     

       8
        
       )

     
···

       10
        
       // RegisterDiscoverRoutes registers discover-related XRPC endpoints

     

       11
        
       //

     

       12
        
       // SECURITY & RATE LIMITING:

     

       13
       -
       // - Discover feed is PUBLIC (no authentication required)

     

       0
        
       
     

       14
        
       // - Protected by global rate limiter: 100 requests/minute per IP (main.go:84)

     

       15
        
       // - Query timeout enforced via context (prevents long-running queries)

     

       16
        
       // - Result limit capped at 50 posts per request (validated in service layer)

     
···

       18
        
       func RegisterDiscoverRoutes(

     

       19
        
       	r chi.Router,

     

       20
        
       	discoverService discoverCore.Service,

     

       0
        
       
     

       0
        
       
     

       21
        
       ) {

     

       22
        
       	// Create handlers

     

       23
       -
       	getDiscoverHandler := discover.NewGetDiscoverHandler(discoverService)

     

       24
        
       

     

       25
        
       	// GET /xrpc/social.coves.feed.getDiscover

     

       26
       -
       	// Public endpoint - no authentication required

     

       27
        
       	// Shows posts from ALL communities (not personalized)

     

       28
        
       	// Rate limited: 100 req/min per IP via global middleware

     

       29
       -
       	r.Get("/xrpc/social.coves.feed.getDiscover", getDiscoverHandler.HandleGetDiscover)

     

       30
        
       }

···

       2
        
       

     

       3
        
       import (

     

       4
        
       	"Coves/internal/api/handlers/discover"

     

       5
       +
       	"Coves/internal/api/middleware"

     

       6
        
       	discoverCore "Coves/internal/core/discover"

     

       7
       +
       	"Coves/internal/core/votes"

     

       8
        
       

     

       9
        
       	"github.com/go-chi/chi/v5"

     

       10
        
       )

     
···

       12
        
       // RegisterDiscoverRoutes registers discover-related XRPC endpoints

     

       13
        
       //

     

       14
        
       // SECURITY & RATE LIMITING:

     

       15
       +
       // - Discover feed is PUBLIC (works without authentication)

     

       16
       +
       // - Optional auth: if authenticated, includes viewer vote state on posts

     

       17
        
       // - Protected by global rate limiter: 100 requests/minute per IP (main.go:84)

     

       18
        
       // - Query timeout enforced via context (prevents long-running queries)

     

       19
        
       // - Result limit capped at 50 posts per request (validated in service layer)

     
···

       21
        
       func RegisterDiscoverRoutes(

     

       22
        
       	r chi.Router,

     

       23
        
       	discoverService discoverCore.Service,

     

       24
       +
       	voteService votes.Service,

     

       25
       +
       	authMiddleware *middleware.OAuthAuthMiddleware,

     

       26
        
       ) {

     

       27
        
       	// Create handlers

     

       28
       +
       	getDiscoverHandler := discover.NewGetDiscoverHandler(discoverService, voteService)

     

       29
        
       

     

       30
        
       	// GET /xrpc/social.coves.feed.getDiscover

     

       31
       +
       	// Public endpoint with optional auth for viewer-specific state (vote state)

     

       32
        
       	// Shows posts from ALL communities (not personalized)

     

       33
        
       	// Rate limited: 100 req/min per IP via global middleware

     

       34
       +
       	r.With(authMiddleware.OptionalAuth).Get("/xrpc/social.coves.feed.getDiscover", getDiscoverHandler.HandleGetDiscover)

     

       35
        
       }

internal/core/communityFeeds/types.go

···

       31
        
       	Reply  *ReplyRef       `json:"reply,omitempty"`  // Reply context

     

       32
        
       }

     

       33
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       34
        
       // FeedReason is a union type for feed context

     

       35
        
       // Can be reasonRepost or reasonPin

     

       36
        
       type FeedReason struct {

···

       31
        
       	Reply  *ReplyRef       `json:"reply,omitempty"`  // Reply context

     

       32
        
       }

     

       33
        
       

     

       34
       +
       // GetPost returns the underlying PostView for viewer state enrichment

     

       35
       +
       func (f *FeedViewPost) GetPost() *posts.PostView {

     

       36
       +
       	return f.Post

     

       37
       +
       }

     

       38
       +
       

     

       39
        
       // FeedReason is a union type for feed context

     

       40
        
       // Can be reasonRepost or reasonPin

     

       41
        
       type FeedReason struct {

internal/core/discover/types.go

···

       39
        
       	Reply  *ReplyRef       `json:"reply,omitempty"`

     

       40
        
       }

     

       41
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       42
        
       // FeedReason is a union type for feed context

     

       43
        
       type FeedReason struct {

     

       44
        
       	Repost    *ReasonRepost    `json:"-"`

···

       39
        
       	Reply  *ReplyRef       `json:"reply,omitempty"`

     

       40
        
       }

     

       41
        
       

     

       42
       +
       // GetPost returns the underlying PostView for viewer state enrichment

     

       43
       +
       func (f *FeedViewPost) GetPost() *posts.PostView {

     

       44
       +
       	return f.Post

     

       45
       +
       }

     

       46
       +
       

     

       47
        
       // FeedReason is a union type for feed context

     

       48
        
       type FeedReason struct {

     

       49
        
       	Repost    *ReasonRepost    `json:"-"`

internal/core/timeline/types.go

···

       42
        
       	Reply  *ReplyRef       `json:"reply,omitempty"`  // Reply context

     

       43
        
       }

     

       44
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       45
        
       // FeedReason is a union type for feed context

     

       46
        
       // Future: Can be reasonRepost or reasonCommunity

     

       47
        
       type FeedReason struct {

···

       42
        
       	Reply  *ReplyRef       `json:"reply,omitempty"`  // Reply context

     

       43
        
       }

     

       44
        
       

     

       45
       +
       // GetPost returns the underlying PostView for viewer state enrichment

     

       46
       +
       func (f *FeedViewPost) GetPost() *posts.PostView {

     

       47
       +
       	return f.Post

     

       48
       +
       }

     

       49
       +
       

     

       50
        
       // FeedReason is a union type for feed context

     

       51
        
       // Future: Can be reasonRepost or reasonCommunity

     

       52
        
       type FeedReason struct {

+193 -5

tests/integration/discover_test.go

···

       2
        
       

     

       3
        
       import (

     

       4
        
       	"Coves/internal/api/handlers/discover"

     

       0
        
       
     

       0
        
       
     

       5
        
       	"Coves/internal/db/postgres"

     

       6
        
       	"context"

     

       7
        
       	"encoding/json"

     
···

       13
        
       

     

       14
        
       	discoverCore "Coves/internal/core/discover"

     

       15
        
       

     

       0
        
       
     

       0
        
       
     

       16
        
       	"github.com/stretchr/testify/assert"

     

       17
        
       	"github.com/stretchr/testify/require"

     

       18
        
       )

     

       19
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       20
        
       // TestGetDiscover_ShowsAllCommunities tests discover feed shows posts from ALL communities

     

       21
        
       func TestGetDiscover_ShowsAllCommunities(t *testing.T) {

     

       22
        
       	if testing.Short() {

     
···

       29
        
       	// Setup services

     

       30
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       31
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       32
       -
       	handler := discover.NewGetDiscoverHandler(discoverService)

     

       33
        
       

     

       34
        
       	ctx := context.Background()

     

       35
        
       	testID := time.Now().UnixNano()

     
···

       100
        
       	// Setup services

     

       101
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       102
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       103
       -
       	handler := discover.NewGetDiscoverHandler(discoverService)

     

       104
        
       

     

       105
        
       	ctx := context.Background()

     

       106
        
       	testID := time.Now().UnixNano()

     
···

       147
        
       	// Setup services

     

       148
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       149
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       150
       -
       	handler := discover.NewGetDiscoverHandler(discoverService)

     

       151
        
       

     

       152
        
       	ctx := context.Background()

     

       153
        
       	testID := time.Now().UnixNano()

     
···

       197
        
       	// Setup services

     

       198
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       199
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       200
       -
       	handler := discover.NewGetDiscoverHandler(discoverService)

     

       201
        
       

     

       202
        
       	ctx := context.Background()

     

       203
        
       	testID := time.Now().UnixNano()

     
···

       254
        
       	// Setup services

     

       255
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       256
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       257
       -
       	handler := discover.NewGetDiscoverHandler(discoverService)

     

       258
        
       

     

       259
        
       	t.Run("Limit exceeds maximum", func(t *testing.T) {

     

       260
        
       		req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.feed.getDiscover?sort=new&limit=100", nil)

     
···

       271
        
       		assert.Contains(t, errorResp["message"], "limit")

     

       272
        
       	})

     

       273
        
       }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       2
        
       

     

       3
        
       import (

     

       4
        
       	"Coves/internal/api/handlers/discover"

     

       5
       +
       	"Coves/internal/api/middleware"

     

       6
       +
       	"Coves/internal/core/votes"

     

       7
        
       	"Coves/internal/db/postgres"

     

       8
        
       	"context"

     

       9
        
       	"encoding/json"

     
···

       15
        
       

     

       16
        
       	discoverCore "Coves/internal/core/discover"

     

       17
        
       

     

       18
       +
       	oauthlib "github.com/bluesky-social/indigo/atproto/auth/oauth"

     

       19
       +
       	"github.com/bluesky-social/indigo/atproto/syntax"

     

       20
        
       	"github.com/stretchr/testify/assert"

     

       21
        
       	"github.com/stretchr/testify/require"

     

       22
        
       )

     

       23
        
       

     

       24
       +
       // mockVoteService implements votes.Service for testing viewer vote state

     

       25
       +
       type mockVoteService struct {

     

       26
       +
       	cachedVotes map[string]*votes.CachedVote // userDID:subjectURI -> vote

     

       27
       +
       }

     

       28
       +
       

     

       29
       +
       func newMockVoteService() *mockVoteService {

     

       30
       +
       	return &mockVoteService{

     

       31
       +
       		cachedVotes: make(map[string]*votes.CachedVote),

     

       32
       +
       	}

     

       33
       +
       }

     

       34
       +
       

     

       35
       +
       func (m *mockVoteService) AddVote(userDID, subjectURI, direction, voteURI string) {

     

       36
       +
       	key := userDID + ":" + subjectURI

     

       37
       +
       	m.cachedVotes[key] = &votes.CachedVote{

     

       38
       +
       		Direction: direction,

     

       39
       +
       		URI:       voteURI,

     

       40
       +
       	}

     

       41
       +
       }

     

       42
       +
       

     

       43
       +
       func (m *mockVoteService) CreateVote(_ context.Context, _ *oauthlib.ClientSessionData, _ votes.CreateVoteRequest) (*votes.CreateVoteResponse, error) {

     

       44
       +
       	return &votes.CreateVoteResponse{}, nil

     

       45
       +
       }

     

       46
       +
       

     

       47
       +
       func (m *mockVoteService) DeleteVote(_ context.Context, _ *oauthlib.ClientSessionData, _ votes.DeleteVoteRequest) error {

     

       48
       +
       	return nil

     

       49
       +
       }

     

       50
       +
       

     

       51
       +
       func (m *mockVoteService) EnsureCachePopulated(_ context.Context, _ *oauthlib.ClientSessionData) error {

     

       52
       +
       	return nil // Mock always succeeds - votes pre-populated via AddVote

     

       53
       +
       }

     

       54
       +
       

     

       55
       +
       func (m *mockVoteService) GetViewerVote(userDID, subjectURI string) *votes.CachedVote {

     

       56
       +
       	key := userDID + ":" + subjectURI

     

       57
       +
       	return m.cachedVotes[key]

     

       58
       +
       }

     

       59
       +
       

     

       60
       +
       func (m *mockVoteService) GetViewerVotesForSubjects(userDID string, subjectURIs []string) map[string]*votes.CachedVote {

     

       61
       +
       	result := make(map[string]*votes.CachedVote)

     

       62
       +
       	for _, uri := range subjectURIs {

     

       63
       +
       		key := userDID + ":" + uri

     

       64
       +
       		if vote, exists := m.cachedVotes[key]; exists {

     

       65
       +
       			result[uri] = vote

     

       66
       +
       		}

     

       67
       +
       	}

     

       68
       +
       	return result

     

       69
       +
       }

     

       70
       +
       

     

       71
        
       // TestGetDiscover_ShowsAllCommunities tests discover feed shows posts from ALL communities

     

       72
        
       func TestGetDiscover_ShowsAllCommunities(t *testing.T) {

     

       73
        
       	if testing.Short() {

     
···

       80
        
       	// Setup services

     

       81
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       82
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       83
       +
       	handler := discover.NewGetDiscoverHandler(discoverService, nil) // nil vote service - tests don't need vote state

     

       84
        
       

     

       85
        
       	ctx := context.Background()

     

       86
        
       	testID := time.Now().UnixNano()

     
···

       151
        
       	// Setup services

     

       152
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       153
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       154
       +
       	handler := discover.NewGetDiscoverHandler(discoverService, nil) // nil vote service - tests don't need vote state

     

       155
        
       

     

       156
        
       	ctx := context.Background()

     

       157
        
       	testID := time.Now().UnixNano()

     
···

       198
        
       	// Setup services

     

       199
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       200
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       201
       +
       	handler := discover.NewGetDiscoverHandler(discoverService, nil)

     

       202
        
       

     

       203
        
       	ctx := context.Background()

     

       204
        
       	testID := time.Now().UnixNano()

     
···

       248
        
       	// Setup services

     

       249
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       250
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       251
       +
       	handler := discover.NewGetDiscoverHandler(discoverService, nil)

     

       252
        
       

     

       253
        
       	ctx := context.Background()

     

       254
        
       	testID := time.Now().UnixNano()

     
···

       305
        
       	// Setup services

     

       306
        
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       307
        
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       308
       +
       	handler := discover.NewGetDiscoverHandler(discoverService, nil)

     

       309
        
       

     

       310
        
       	t.Run("Limit exceeds maximum", func(t *testing.T) {

     

       311
        
       		req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.feed.getDiscover?sort=new&limit=100", nil)

     
···

       322
        
       		assert.Contains(t, errorResp["message"], "limit")

     

       323
        
       	})

     

       324
        
       }

     

       325
       +
       

     

       326
       +
       // TestGetDiscover_ViewerVoteState tests that authenticated users see their vote state on posts

     

       327
       +
       func TestGetDiscover_ViewerVoteState(t *testing.T) {

     

       328
       +
       	if testing.Short() {

     

       329
       +
       		t.Skip("Skipping integration test in short mode")

     

       330
       +
       	}

     

       331
       +
       

     

       332
       +
       	db := setupTestDB(t)

     

       333
       +
       	t.Cleanup(func() { _ = db.Close() })

     

       334
       +
       

     

       335
       +
       	ctx := context.Background()

     

       336
       +
       	testID := time.Now().UnixNano()

     

       337
       +
       

     

       338
       +
       	// Create community and posts

     

       339
       +
       	communityDID, err := createFeedTestCommunity(db, ctx, fmt.Sprintf("votes-%d", testID), fmt.Sprintf("alice-%d.test", testID))

     

       340
       +
       	require.NoError(t, err)

     

       341
       +
       

     

       342
       +
       	post1URI := createTestPost(t, db, communityDID, "did:plc:author1", "Post with upvote", 10, time.Now().Add(-1*time.Hour))

     

       343
       +
       	post2URI := createTestPost(t, db, communityDID, "did:plc:author2", "Post with downvote", 5, time.Now().Add(-2*time.Hour))

     

       344
       +
       	_ = createTestPost(t, db, communityDID, "did:plc:author3", "Post without vote", 3, time.Now().Add(-3*time.Hour))

     

       345
       +
       

     

       346
       +
       	// Setup mock vote service with pre-populated votes

     

       347
       +
       	viewerDID := "did:plc:viewer123"

     

       348
       +
       	mockVotes := newMockVoteService()

     

       349
       +
       	mockVotes.AddVote(viewerDID, post1URI, "up", "at://"+viewerDID+"/social.coves.vote/vote1")

     

       350
       +
       	mockVotes.AddVote(viewerDID, post2URI, "down", "at://"+viewerDID+"/social.coves.vote/vote2")

     

       351
       +
       

     

       352
       +
       	// Setup handler with mock vote service

     

       353
       +
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       354
       +
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       355
       +
       	handler := discover.NewGetDiscoverHandler(discoverService, mockVotes)

     

       356
       +
       

     

       357
       +
       	// Create request with authenticated user context

     

       358
       +
       	req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.feed.getDiscover?sort=new&limit=50", nil)

     

       359
       +
       

     

       360
       +
       	// Inject OAuth session into context (simulates OptionalAuth middleware)

     

       361
       +
       	did, _ := syntax.ParseDID(viewerDID)

     

       362
       +
       	session := &oauthlib.ClientSessionData{

     

       363
       +
       		AccountDID:  did,

     

       364
       +
       		AccessToken: "test_token",

     

       365
       +
       	}

     

       366
       +
       	reqCtx := context.WithValue(req.Context(), middleware.UserDIDKey, viewerDID)

     

       367
       +
       	reqCtx = context.WithValue(reqCtx, middleware.OAuthSessionKey, session)

     

       368
       +
       	req = req.WithContext(reqCtx)

     

       369
       +
       

     

       370
       +
       	rec := httptest.NewRecorder()

     

       371
       +
       	handler.HandleGetDiscover(rec, req)

     

       372
       +
       

     

       373
       +
       	// Assertions

     

       374
       +
       	assert.Equal(t, http.StatusOK, rec.Code)

     

       375
       +
       

     

       376
       +
       	var response discoverCore.DiscoverResponse

     

       377
       +
       	err = json.Unmarshal(rec.Body.Bytes(), &response)

     

       378
       +
       	require.NoError(t, err)

     

       379
       +
       

     

       380
       +
       	// Find our test posts and verify vote state

     

       381
       +
       	var foundPost1, foundPost2, foundPost3 bool

     

       382
       +
       	for _, feedPost := range response.Feed {

     

       383
       +
       		switch feedPost.Post.URI {

     

       384
       +
       		case post1URI:

     

       385
       +
       			foundPost1 = true

     

       386
       +
       			require.NotNil(t, feedPost.Post.Viewer, "Post1 should have viewer state")

     

       387
       +
       			require.NotNil(t, feedPost.Post.Viewer.Vote, "Post1 should have vote direction")

     

       388
       +
       			assert.Equal(t, "up", *feedPost.Post.Viewer.Vote, "Post1 should show upvote")

     

       389
       +
       			require.NotNil(t, feedPost.Post.Viewer.VoteURI, "Post1 should have vote URI")

     

       390
       +
       			assert.Contains(t, *feedPost.Post.Viewer.VoteURI, "vote1", "Post1 should have correct vote URI")

     

       391
       +
       

     

       392
       +
       		case post2URI:

     

       393
       +
       			foundPost2 = true

     

       394
       +
       			require.NotNil(t, feedPost.Post.Viewer, "Post2 should have viewer state")

     

       395
       +
       			require.NotNil(t, feedPost.Post.Viewer.Vote, "Post2 should have vote direction")

     

       396
       +
       			assert.Equal(t, "down", *feedPost.Post.Viewer.Vote, "Post2 should show downvote")

     

       397
       +
       			require.NotNil(t, feedPost.Post.Viewer.VoteURI, "Post2 should have vote URI")

     

       398
       +
       

     

       399
       +
       		default:

     

       400
       +
       			// Posts without votes should have nil Viewer or nil Vote

     

       401
       +
       			if feedPost.Post.Viewer != nil && feedPost.Post.Viewer.Vote != nil {

     

       402
       +
       				// This post has a vote from our viewer - it's not post3

     

       403
       +
       				continue

     

       404
       +
       			}

     

       405
       +
       			foundPost3 = true

     

       406
       +
       		}

     

       407
       +
       	}

     

       408
       +
       

     

       409
       +
       	assert.True(t, foundPost1, "Should find post1 with upvote")

     

       410
       +
       	assert.True(t, foundPost2, "Should find post2 with downvote")

     

       411
       +
       	assert.True(t, foundPost3, "Should find post3 without vote")

     

       412
       +
       }

     

       413
       +
       

     

       414
       +
       // TestGetDiscover_NoViewerStateWithoutAuth tests that unauthenticated users don't get viewer state

     

       415
       +
       func TestGetDiscover_NoViewerStateWithoutAuth(t *testing.T) {

     

       416
       +
       	if testing.Short() {

     

       417
       +
       		t.Skip("Skipping integration test in short mode")

     

       418
       +
       	}

     

       419
       +
       

     

       420
       +
       	db := setupTestDB(t)

     

       421
       +
       	t.Cleanup(func() { _ = db.Close() })

     

       422
       +
       

     

       423
       +
       	ctx := context.Background()

     

       424
       +
       	testID := time.Now().UnixNano()

     

       425
       +
       

     

       426
       +
       	// Create community and post

     

       427
       +
       	communityDID, err := createFeedTestCommunity(db, ctx, fmt.Sprintf("noauth-%d", testID), fmt.Sprintf("alice-%d.test", testID))

     

       428
       +
       	require.NoError(t, err)

     

       429
       +
       

     

       430
       +
       	postURI := createTestPost(t, db, communityDID, "did:plc:author", "Some post", 10, time.Now())

     

       431
       +
       

     

       432
       +
       	// Setup mock vote service with a vote (but request will be unauthenticated)

     

       433
       +
       	mockVotes := newMockVoteService()

     

       434
       +
       	mockVotes.AddVote("did:plc:someuser", postURI, "up", "at://did:plc:someuser/social.coves.vote/vote1")

     

       435
       +
       

     

       436
       +
       	// Setup handler with mock vote service

     

       437
       +
       	discoverRepo := postgres.NewDiscoverRepository(db, "test-cursor-secret")

     

       438
       +
       	discoverService := discoverCore.NewDiscoverService(discoverRepo)

     

       439
       +
       	handler := discover.NewGetDiscoverHandler(discoverService, mockVotes)

     

       440
       +
       

     

       441
       +
       	// Create request WITHOUT auth context

     

       442
       +
       	req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.feed.getDiscover?sort=new&limit=50", nil)

     

       443
       +
       	rec := httptest.NewRecorder()

     

       444
       +
       	handler.HandleGetDiscover(rec, req)

     

       445
       +
       

     

       446
       +
       	// Should succeed

     

       447
       +
       	assert.Equal(t, http.StatusOK, rec.Code)

     

       448
       +
       

     

       449
       +
       	var response discoverCore.DiscoverResponse

     

       450
       +
       	err = json.Unmarshal(rec.Body.Bytes(), &response)

     

       451
       +
       	require.NoError(t, err)

     

       452
       +
       

     

       453
       +
       	// Find our post and verify NO viewer state (unauthenticated)

     

       454
       +
       	for _, feedPost := range response.Feed {

     

       455
       +
       		if feedPost.Post.URI == postURI {

     

       456
       +
       			assert.Nil(t, feedPost.Post.Viewer, "Unauthenticated request should not have viewer state")

     

       457
       +
       			return

     

       458
       +
       		}

     

       459
       +
       	}

     

       460
       +
       	t.Fatal("Test post not found in response")

     

       461
       +
       }

+11 -11

tests/integration/feed_test.go

···

       37
        
       		nil,

     

       38
        
       	)

     

       39
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       40
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       41
        
       

     

       42
        
       	// Setup test data: community, users, and posts

     

       43
        
       	ctx := context.Background()

     
···

       114
        
       		nil,

     

       115
        
       	)

     

       116
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       117
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       118
        
       

     

       119
        
       	// Setup test data

     

       120
        
       	ctx := context.Background()

     
···

       190
        
       		nil,

     

       191
        
       	)

     

       192
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       193
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       194
        
       

     

       195
        
       	// Setup test data

     

       196
        
       	ctx := context.Background()

     
···

       246
        
       		nil,

     

       247
        
       	)

     

       248
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       249
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       250
        
       

     

       251
        
       	// Setup test data with many posts

     

       252
        
       	ctx := context.Background()

     
···

       337
        
       		nil,

     

       338
        
       	)

     

       339
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       340
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       341
        
       

     

       342
        
       	// Request feed for non-existent community

     

       343
        
       	req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.communityFeed.getCommunity?community=did:plc:nonexistent&sort=hot&limit=10", nil)

     
···

       373
        
       		nil,

     

       374
        
       	)

     

       375
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       376
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       377
        
       

     

       378
        
       	// Setup test community

     

       379
        
       	ctx := context.Background()

     
···

       429
        
       		nil,

     

       430
        
       	)

     

       431
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       432
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       433
        
       

     

       434
        
       	// Create community with no posts

     

       435
        
       	ctx := context.Background()

     
···

       473
        
       		nil,

     

       474
        
       	)

     

       475
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       476
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       477
        
       

     

       478
        
       	// Setup test community

     

       479
        
       	ctx := context.Background()

     
···

       526
        
       		nil,

     

       527
        
       	)

     

       528
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       529
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       530
        
       

     

       531
        
       	// Setup test data

     

       532
        
       	ctx := context.Background()

     
···

       627
        
       		nil,

     

       628
        
       	)

     

       629
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       630
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       631
        
       

     

       632
        
       	// Setup test data

     

       633
        
       	ctx := context.Background()

     
···

       720
        
       		nil,

     

       721
        
       	)

     

       722
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       723
       -
       	handler := communityFeed.NewGetCommunityHandler(feedService)

     

       724
        
       

     

       725
        
       	// Setup test data

     

       726
        
       	ctx := context.Background()

···

       37
        
       		nil,

     

       38
        
       	)

     

       39
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       40
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       41
        
       

     

       42
        
       	// Setup test data: community, users, and posts

     

       43
        
       	ctx := context.Background()

     
···

       114
        
       		nil,

     

       115
        
       	)

     

       116
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       117
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       118
        
       

     

       119
        
       	// Setup test data

     

       120
        
       	ctx := context.Background()

     
···

       190
        
       		nil,

     

       191
        
       	)

     

       192
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       193
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       194
        
       

     

       195
        
       	// Setup test data

     

       196
        
       	ctx := context.Background()

     
···

       246
        
       		nil,

     

       247
        
       	)

     

       248
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       249
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       250
        
       

     

       251
        
       	// Setup test data with many posts

     

       252
        
       	ctx := context.Background()

     
···

       337
        
       		nil,

     

       338
        
       	)

     

       339
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       340
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       341
        
       

     

       342
        
       	// Request feed for non-existent community

     

       343
        
       	req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.communityFeed.getCommunity?community=did:plc:nonexistent&sort=hot&limit=10", nil)

     
···

       373
        
       		nil,

     

       374
        
       	)

     

       375
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       376
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       377
        
       

     

       378
        
       	// Setup test community

     

       379
        
       	ctx := context.Background()

     
···

       429
        
       		nil,

     

       430
        
       	)

     

       431
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       432
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       433
        
       

     

       434
        
       	// Create community with no posts

     

       435
        
       	ctx := context.Background()

     
···

       473
        
       		nil,

     

       474
        
       	)

     

       475
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       476
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       477
        
       

     

       478
        
       	// Setup test community

     

       479
        
       	ctx := context.Background()

     
···

       526
        
       		nil,

     

       527
        
       	)

     

       528
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       529
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       530
        
       

     

       531
        
       	// Setup test data

     

       532
        
       	ctx := context.Background()

     
···

       627
        
       		nil,

     

       628
        
       	)

     

       629
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       630
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       631
        
       

     

       632
        
       	// Setup test data

     

       633
        
       	ctx := context.Background()

     
···

       720
        
       		nil,

     

       721
        
       	)

     

       722
        
       	feedService := communityFeeds.NewCommunityFeedService(feedRepo, communityService)

     

       723
       +
       	handler := communityFeed.NewGetCommunityHandler(feedService, nil)

     

       724
        
       

     

       725
        
       	// Setup test data

     

       726
        
       	ctx := context.Background()

+7 -7

tests/integration/timeline_test.go

···

       30
        
       	// Setup services

     

       31
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       32
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       33
       -
       	handler := timeline.NewGetTimelineHandler(timelineService)

     

       34
        
       

     

       35
        
       	ctx := context.Background()

     

       36
        
       	testID := time.Now().UnixNano()

     
···

       119
        
       	// Setup services

     

       120
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       121
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       122
       -
       	handler := timeline.NewGetTimelineHandler(timelineService)

     

       123
        
       

     

       124
        
       	ctx := context.Background()

     

       125
        
       	testID := time.Now().UnixNano()

     
···

       190
        
       	// Setup services

     

       191
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       192
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       193
       -
       	handler := timeline.NewGetTimelineHandler(timelineService)

     

       194
        
       

     

       195
        
       	ctx := context.Background()

     

       196
        
       	testID := time.Now().UnixNano()

     
···

       266
        
       	// Setup services

     

       267
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       268
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       269
       -
       	handler := timeline.NewGetTimelineHandler(timelineService)

     

       270
        
       

     

       271
        
       	ctx := context.Background()

     

       272
        
       	testID := time.Now().UnixNano()

     
···

       308
        
       	// Setup services

     

       309
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       310
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       311
       -
       	handler := timeline.NewGetTimelineHandler(timelineService)

     

       312
        
       

     

       313
        
       	// Request timeline WITHOUT auth context

     

       314
        
       	req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.feed.getTimeline?sort=new&limit=10", nil)

     
···

       337
        
       	// Setup services

     

       338
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       339
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       340
       -
       	handler := timeline.NewGetTimelineHandler(timelineService)

     

       341
        
       

     

       342
        
       	ctx := context.Background()

     

       343
        
       	testID := time.Now().UnixNano()

     
···

       388
        
       	// Setup services

     

       389
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       390
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       391
       -
       	handler := timeline.NewGetTimelineHandler(timelineService)

     

       392
        
       

     

       393
        
       	ctx := context.Background()

     

       394
        
       	testID := time.Now().UnixNano()

···

       30
        
       	// Setup services

     

       31
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       32
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       33
       +
       	handler := timeline.NewGetTimelineHandler(timelineService, nil)

     

       34
        
       

     

       35
        
       	ctx := context.Background()

     

       36
        
       	testID := time.Now().UnixNano()

     
···

       119
        
       	// Setup services

     

       120
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       121
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       122
       +
       	handler := timeline.NewGetTimelineHandler(timelineService, nil)

     

       123
        
       

     

       124
        
       	ctx := context.Background()

     

       125
        
       	testID := time.Now().UnixNano()

     
···

       190
        
       	// Setup services

     

       191
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       192
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       193
       +
       	handler := timeline.NewGetTimelineHandler(timelineService, nil)

     

       194
        
       

     

       195
        
       	ctx := context.Background()

     

       196
        
       	testID := time.Now().UnixNano()

     
···

       266
        
       	// Setup services

     

       267
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       268
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       269
       +
       	handler := timeline.NewGetTimelineHandler(timelineService, nil)

     

       270
        
       

     

       271
        
       	ctx := context.Background()

     

       272
        
       	testID := time.Now().UnixNano()

     
···

       308
        
       	// Setup services

     

       309
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       310
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       311
       +
       	handler := timeline.NewGetTimelineHandler(timelineService, nil)

     

       312
        
       

     

       313
        
       	// Request timeline WITHOUT auth context

     

       314
        
       	req := httptest.NewRequest(http.MethodGet, "/xrpc/social.coves.feed.getTimeline?sort=new&limit=10", nil)

     
···

       337
        
       	// Setup services

     

       338
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       339
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       340
       +
       	handler := timeline.NewGetTimelineHandler(timelineService, nil)

     

       341
        
       

     

       342
        
       	ctx := context.Background()

     

       343
        
       	testID := time.Now().UnixNano()

     
···

       388
        
       	// Setup services

     

       389
        
       	timelineRepo := postgres.NewTimelineRepository(db, "test-cursor-secret")

     

       390
        
       	timelineService := timelineCore.NewTimelineService(timelineRepo)

     

       391
       +
       	handler := timeline.NewGetTimelineHandler(timelineService, nil)

     

       392
        
       

     

       393
        
       	ctx := context.Background()

     

       394
        
       	testID := time.Now().UnixNano()

+1 -1

tests/integration/user_journey_e2e_test.go

···

       143
        
       	r := chi.NewRouter()

     

       144
        
       	routes.RegisterCommunityRoutes(r, communityService, e2eAuth.OAuthAuthMiddleware, nil) // nil = allow all community creators

     

       145
        
       	routes.RegisterPostRoutes(r, postService, e2eAuth.OAuthAuthMiddleware)

     

       146
       -
       	routes.RegisterTimelineRoutes(r, timelineService, e2eAuth.OAuthAuthMiddleware)

     

       147
        
       	httpServer := httptest.NewServer(r)

     

       148
        
       	defer httpServer.Close()

     

       149

···

       143
        
       	r := chi.NewRouter()

     

       144
        
       	routes.RegisterCommunityRoutes(r, communityService, e2eAuth.OAuthAuthMiddleware, nil) // nil = allow all community creators

     

       145
        
       	routes.RegisterPostRoutes(r, postService, e2eAuth.OAuthAuthMiddleware)

     

       146
       +
       	routes.RegisterTimelineRoutes(r, timelineService, nil, e2eAuth.OAuthAuthMiddleware)

     

       147
        
       	httpServer := httptest.NewServer(r)

     

       148
        
       	defer httpServer.Close()

     

       149

Compare changes