/** * POST /follow - Follow a user * DELETE /follow - Unfollow a user * * Design intent: * - Following is explicit and intentional * - Mutual follow enables conversation * - Cannot follow if blocked */ import { serve } from 'https://deno.land/std@0.177.0/http/server.ts'; import { createSupabaseClient } from '../_shared/supabase-client.ts'; import { validateUUID, ValidationError } from '../_shared/validation.ts'; interface FollowRequest { user_id: string; // the user to follow/unfollow } serve(async (req) => { if (req.method === 'OPTIONS') { return new Response(null, { headers: { 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Methods': 'POST, DELETE', 'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type', }, }); } try { const authHeader = req.headers.get('Authorization'); if (!authHeader) { return new Response(JSON.stringify({ error: 'Missing authorization header' }), { status: 401, headers: { 'Content-Type': 'application/json' }, }); } const supabase = createSupabaseClient(authHeader); const { data: { user }, error: authError, } = await supabase.auth.getUser(); if (authError || !user) { return new Response(JSON.stringify({ error: 'Unauthorized' }), { status: 401, headers: { 'Content-Type': 'application/json' }, }); } let { user_id: following_id } = (await req.json()) as FollowRequest; validateUUID(following_id, 'user_id'); following_id = following_id.toLowerCase(); if (following_id === user.id.toLowerCase()) { return new Response( JSON.stringify({ error: 'Cannot follow yourself' }), { status: 400, headers: { 'Content-Type': 'application/json' } } ); } // Handle unfollow if (req.method === 'DELETE') { const { error: deleteError } = await supabase .from('follows') .delete() .eq('follower_id', user.id) .eq('following_id', following_id); if (deleteError) { console.error('Error unfollowing:', deleteError); return new Response(JSON.stringify({ error: 'Failed to unfollow' }), { status: 500, headers: { 'Content-Type': 'application/json' }, }); } return new Response(JSON.stringify({ success: true, message: 'Unfollowed' }), { status: 200, headers: { 'Content-Type': 'application/json' }, }); } // Handle follow (POST) via request_follow const { data: status, error: followError } = await supabase .rpc('request_follow', { target_id: following_id }); if (followError) { if (followError.message?.includes('Cannot follow') || followError.code === '23514') { return new Response( JSON.stringify({ error: 'Cannot follow this user' }), { status: 403, headers: { 'Content-Type': 'application/json' } } ); } console.error('Error following:', followError); return new Response(JSON.stringify({ error: 'Failed to follow' }), { status: 500, headers: { 'Content-Type': 'application/json' }, }); } const followStatus = status as string | null; const message = followStatus === 'pending' ? 'Request sent.' : 'Followed. Mutual follow enables conversation.'; return new Response( JSON.stringify({ success: true, status: followStatus, message, }), { status: 200, headers: { 'Content-Type': 'application/json' }, } ); } catch (error) { if (error instanceof ValidationError) { return new Response( JSON.stringify({ error: 'Validation error', message: error.message }), { status: 400, headers: { 'Content-Type': 'application/json' } } ); } console.error('Unexpected error:', error); return new Response(JSON.stringify({ error: 'Internal server error' }), { status: 500, headers: { 'Content-Type': 'application/json' }, }); } });