silberengel
/
unfold
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
140 Commits
1 Branch
0 Tags
7.1 MiB
 
 
 
 
 
 
Tree: 0094939adc
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0094939adc'
${ noResults }
unfold/src/Controller/CommentReplyController.php

56 lines
2.1 KiB
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Controller;
use App\Entity\User;
use App\Service\CommentReplyService;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Http\Attribute\IsGranted;
final class CommentReplyController extends AbstractController
{
/**
* Accepts a NIP-07–signed kind-1111 event (JSON) and publishes it to configured article relays.
*
* @see \App\Service\CommentReplyService
*/
#[Route('/comment/publish', name: 'comment_reply_publish', methods: ['POST'])]
#[IsGranted('ROLE_USER')]
public function publish(Request $request, CommentReplyService $commentReply): JsonResponse
{
$raw = $request->getContent();
if ($raw === '') {
return $this->json(['ok' => false, 'error' => 'Empty body'], Response::HTTP_BAD_REQUEST);
}
try {
/** @var array<string, mixed> $data */
$data = json_decode($raw, true, 512, \JSON_THROW_ON_ERROR);
} catch (\JsonException) {
return $this->json(['ok' => false, 'error' => 'Invalid JSON'], Response::HTTP_BAD_REQUEST);
}
$token = $data['csrf'] ?? $request->headers->get('X-CSRF-TOKEN') ?? '';
if (!\is_string($token) || !$this->isCsrfTokenValid('comment_reply', $token)) {
return $this->json(['ok' => false, 'error' => 'Invalid CSRF token'], Response::HTTP_BAD_REQUEST);
}
$user = $this->getUser();
if (!$user instanceof User) {
return $this->json(['ok' => false, 'error' => 'Not logged in'], Response::HTTP_UNAUTHORIZED);
}
$out = $commentReply->publishFromRequestPayload($user, $data);
if ($out['ok'] === true) {
return $this->json(['ok' => true, 'id' => $out['id']]);
}
/** @var array{ok: false, error: string, code: int} $out */
return $this->json(['ok' => false, 'error' => $out['error']], $out['code']);
}
}