50 lines
1.1 KiB
Go
50 lines
1.1 KiB
Go
package handler
|
|
|
|
import (
|
|
"encoding/json"
|
|
"log"
|
|
"net/http"
|
|
"strings"
|
|
)
|
|
|
|
func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
|
|
id := r.PathValue("id")
|
|
if id == "" {
|
|
http.NotFound(w, r)
|
|
return
|
|
}
|
|
|
|
auth := r.Header.Get("Authorization")
|
|
if !strings.HasPrefix(auth, "Bearer ") {
|
|
http.Error(w, "Authorization: Bearer <delete_token> required", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
token := strings.TrimPrefix(auth, "Bearer ")
|
|
|
|
rec, err := h.store.Get(id)
|
|
if err != nil {
|
|
http.NotFound(w, r)
|
|
return
|
|
}
|
|
|
|
if rec.DeleteToken != token {
|
|
http.Error(w, "invalid delete token", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
if err := h.r2.Delete(r.Context(), rec.R2Key); err != nil {
|
|
log.Printf("r2 delete error: %v", err)
|
|
http.Error(w, "failed to delete from storage", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
if err := h.store.Delete(id); err != nil {
|
|
log.Printf("db delete error: %v", err)
|
|
http.Error(w, "internal error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
json.NewEncoder(w).Encode(map[string]string{"status": "deleted", "id": id})
|
|
}
|