v2: global player, infinite scroll, image picker, threaded comments

2026-03-21 13:55:22 +00:00
parent be426eb150
commit 7c098e7c4c
48 changed files with 4346 additions and 711 deletions
--- a/api/routes/comments.ts
+++ b/api/routes/comments.ts
@@ -0,0 +1,77 @@
+import { Router } from "@oak/oak";
+import {
+  APIErrorCode,
+  APIException,
+  type APIResponse,
+  type Comment,
+  isCreateCommentRequest,
+} from "../model/interfaces.ts";
+import { authMiddleware } from "../middleware/auth.ts";
+import { verifyJWT } from "../lib/jwt.ts";
+import {
+  createComment,
+  deleteComment,
+  getComments,
+} from "../services/comment-service.ts";
+import { getDump } from "../services/dump-service.ts";
+import {
+  broadcastCommentCreated,
+  broadcastCommentDeleted,
+} from "../services/ws-service.ts";
+
+const router = new Router({ prefix: "/api" });
+
+// GET /api/dumps/:dumpId/comments — optional auth (to access private dump comments)
+router.get("/dumps/:dumpId/comments", async (ctx) => {
+  let requestingUserId: string | undefined;
+  const authHeader = ctx.request.headers.get("Authorization");
+  if (authHeader?.startsWith("Bearer ")) {
+    const payload = await verifyJWT(authHeader.substring(7));
+    if (payload) requestingUserId = payload.userId;
+  }
+  const dump = getDump(ctx.params.dumpId, requestingUserId);
+  const comments = getComments(dump.id);
+  const responseBody: APIResponse<Comment[]> = { success: true, data: comments };
+  ctx.response.body = responseBody;
+});
+
+// POST /api/dumps/:dumpId/comments — auth required
+router.post("/dumps/:dumpId/comments", authMiddleware, async (ctx) => {
+  const userId = ctx.state.user.userId as string;
+  const isAdmin = (ctx.state.user.isAdmin ?? false) as boolean;
+  const dump = getDump(ctx.params.dumpId, userId);
+  const body = await ctx.request.body.json();
+  if (!isCreateCommentRequest(body)) {
+    throw new APIException(
+      APIErrorCode.VALIDATION_ERROR,
+      400,
+      "Invalid comment data",
+    );
+  }
+  const comment = createComment(
+    dump.id,
+    userId,
+    body.body,
+    body.parentId ?? undefined,
+  );
+  if (!dump.isPrivate) broadcastCommentCreated(comment);
+  const responseBody: APIResponse<Comment> = { success: true, data: comment };
+  ctx.response.status = 201;
+  ctx.response.body = responseBody;
+});
+
+// DELETE /api/comments/:commentId — auth required
+router.delete("/comments/:commentId", authMiddleware, (ctx) => {
+  const userId = ctx.state.user.userId as string;
+  const isAdmin = (ctx.state.user.isAdmin ?? false) as boolean;
+  const { dumpId, isPrivate } = deleteComment(
+    ctx.params.commentId,
+    userId,
+    isAdmin,
+  );
+  if (!isPrivate) broadcastCommentDeleted(ctx.params.commentId, dumpId);
+  const responseBody: APIResponse<null> = { success: true, data: null };
+  ctx.response.body = responseBody;
+});
+
+export default router;