zzstoatzz.io / pds.js
forked from chadtmiller.com/pds.js
A zero-dependency AT Protocol Personal Data Server written in JavaScript
fork atom

add xyz.fake.inbox.unblock endpoint

allows users to unblock previously blocked senders

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

zzstoatzz.io 308443fb 2bd9419d

+25
unified split
+25
src/pds.js
··· 1661 method: 'POST', 1662 handler: (pds, req, _url) => pds.handleInboxReject(req), 1663 }, 1664 '/xrpc/xyz.fake.inbox.getState': { 1665 handler: (pds, _req, _url) => pds.handleInboxGetState(), 1666 }, ··· 3443 // Remove any pending request 3444 this.sql.exec('DELETE FROM inbox_requests WHERE fromDid = ?', senderDid); 3445 3446 // Block sender 3447 this.sql.exec('INSERT OR IGNORE INTO inbox_blocked (did) VALUES (?)', senderDid); 3448 ··· 3464 .map((r) => r.did); 3465 3466 return Response.json({ accepted, blocked }); 3467 } 3468 3469 /** ··· 3944 '/xrpc/xyz.fake.inbox.listRequests', 3945 '/xrpc/xyz.fake.inbox.accept', 3946 '/xrpc/xyz.fake.inbox.reject', 3947 '/xrpc/xyz.fake.inbox.getState', 3948 ]; 3949 if (inboxAuthEndpoints.includes(url.pathname)) {
··· 1661 method: 'POST', 1662 handler: (pds, req, _url) => pds.handleInboxReject(req), 1663 }, 1664 + '/xrpc/xyz.fake.inbox.unblock': { 1665 + method: 'POST', 1666 + handler: (pds, req, _url) => pds.handleInboxUnblock(req), 1667 + }, 1668 '/xrpc/xyz.fake.inbox.getState': { 1669 handler: (pds, _req, _url) => pds.handleInboxGetState(), 1670 }, ··· 3447 // Remove any pending request 3448 this.sql.exec('DELETE FROM inbox_requests WHERE fromDid = ?', senderDid); 3449 3450 + // Remove from accepted if previously accepted 3451 + this.sql.exec('DELETE FROM inbox_accepted WHERE did = ?', senderDid); 3452 + 3453 // Block sender 3454 this.sql.exec('INSERT OR IGNORE INTO inbox_blocked (did) VALUES (?)', senderDid); 3455 ··· 3471 .map((r) => r.did); 3472 3473 return Response.json({ accepted, blocked }); 3474 + } 3475 + 3476 + /** 3477 + * Unblock a previously blocked sender (auth verified at routing level) 3478 + * @param {Request} request 3479 + */ 3480 + async handleInboxUnblock(request) { 3481 + const body = await request.json(); 3482 + const senderDid = body.did; 3483 + 3484 + if (!senderDid) { 3485 + return errorResponse('InvalidRequest', 'missing did', 400); 3486 + } 3487 + 3488 + this.sql.exec('DELETE FROM inbox_blocked WHERE did = ?', senderDid); 3489 + 3490 + return Response.json({ status: 'unblocked' }); 3491 } 3492 3493 /** ··· 3968 '/xrpc/xyz.fake.inbox.listRequests', 3969 '/xrpc/xyz.fake.inbox.accept', 3970 '/xrpc/xyz.fake.inbox.reject', 3971 + '/xrpc/xyz.fake.inbox.unblock', 3972 '/xrpc/xyz.fake.inbox.getState', 3973 ]; 3974 if (inboxAuthEndpoints.includes(url.pathname)) {