import type { Route } from "./+types/api.posts"; import { createPost, listPosts } from "~/lib/db.server"; import { renderMarkdown } from "~/lib/md.server"; export async function loader() { const posts = listPosts(); return Response.json( posts.map((p) => ({ ...p, html: renderMarkdown(p.content) })) ); } export async function action({ request }: Route.ActionArgs) { if (request.method !== "POST") { return Response.json({ error: "Method not allowed" }, { status: 405 }); } const token = process.env.REGISTER_TOKEN; const auth = request.headers.get("Authorization") ?? ""; if (!token || auth !== `Bearer ${token}`) { return Response.json({ error: "Unauthorized" }, { status: 401 }); } let content: string; const ct = request.headers.get("content-type") ?? ""; if (ct.includes("application/json")) { const body = (await request.json()) as { content?: unknown }; content = String(body.content ?? "").trim(); } else { const form = await request.formData(); content = String(form.get("content") ?? "").trim(); } if (!content) { return Response.json({ error: "content is required" }, { status: 400 }); } if (content.length > 10000) { return Response.json( { error: "content too long (max 10000 chars)" }, { status: 400 } ); } const post = createPost({ id: crypto.randomUUID(), content }); return Response.json( { ...post, html: renderMarkdown(post.content) }, { status: 201 } ); }