Skip to content

Commit 7e7ac58

Browse files
committed
Fix assembly embed: hide statements when auth required, support anon votes
Two fixes: - Auth-required conversations no longer show statement text to unauthenticated users, just the sign-in button - Anonymous voting works when conversation doesn't require auth (no longer silently fails when user isn't logged into blacksky.community)
1 parent bfe0959 commit 7e7ac58

1 file changed

Lines changed: 30 additions & 26 deletions

File tree

src/components/Post/Embed/ExternalEmbed/AssemblyEmbed.tsx

Lines changed: 30 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -140,44 +140,55 @@ export function AssemblyEmbed({
140140

141141
const handleVote = useCallback(
142142
async (value: -1 | 0 | 1) => {
143-
if (!statement || voting || !agent.session) return
143+
if (!statement || voting) return
144144
setVoting(true)
145145
setError(null)
146146

147147
try {
148-
// 1. Create signed vote record in user's repo.
148+
let voteAtUri: string | undefined
149+
150+
// If authenticated, create a signed vote record in user's repo.
149151
// This IS the authentication — only the DID owner can create
150152
// records in their repo. The PDS validates the signing key.
151-
const createResult = await agent.com.atproto.repo.createRecord({
152-
repo: agent.assertDid,
153-
collection: 'community.blacksky.assembly.vote',
154-
record: {
155-
$type: 'community.blacksky.assembly.vote',
156-
subject: {
157-
uri: statement.at_uri || '',
158-
cid: statement.at_cid || '',
153+
if (agent.session) {
154+
const createResult = await agent.com.atproto.repo.createRecord({
155+
repo: agent.assertDid,
156+
collection: 'community.blacksky.assembly.vote',
157+
record: {
158+
$type: 'community.blacksky.assembly.vote',
159+
subject: {
160+
uri: statement.at_uri || '',
161+
cid: statement.at_cid || '',
162+
},
163+
value,
164+
createdAt: new Date().toISOString(),
159165
},
160-
value,
161-
createdAt: new Date().toISOString(),
162-
},
163-
})
166+
})
167+
voteAtUri = createResult.data.uri
168+
}
164169

165-
// 2. Submit the AT URI to assembly's verified vote endpoint.
166-
// The server fetches the record from the user's PDS to verify
167-
// the DID owner actually created it — no impersonation possible.
170+
// Submit to assembly's verified vote endpoint.
171+
// If authenticated: server fetches the record from user's PDS to verify.
172+
// If anonymous: server accepts the vote directly (conversation allows it).
168173
const voteResp = await fetch(`${ASSEMBLY_API}/embed/vote`, {
169174
method: 'POST',
170175
headers: {'Content-Type': 'application/json'},
171176
body: JSON.stringify({
172177
conversation_id: conversationId,
173178
tid: statement.tid,
174179
vote: value,
175-
vote_at_uri: createResult.data.uri,
180+
...(voteAtUri ? {vote_at_uri: voteAtUri} : {}),
176181
}),
177182
})
178183

179184
if (!voteResp.ok) {
180-
throw new Error('Vote submission failed')
185+
const errBody = await voteResp.text()
186+
if (errBody.includes('polis_err_post_votes_social_needed')) {
187+
setError('Sign in required to vote.')
188+
} else {
189+
throw new Error('Vote submission failed')
190+
}
191+
return
181192
}
182193

183194
const voteResult = (await voteResp.json()) as VoteResponse
@@ -296,13 +307,6 @@ export function AssemblyEmbed({
296307
topic={data.conversation.topic}
297308
description={data.conversation.description}
298309
/>
299-
{statement ? (
300-
<View style={styles.statementCard}>
301-
<Text style={[a.text_md, a.font_bold, {lineHeight: 22}]}>
302-
{statement.txt}
303-
</Text>
304-
</View>
305-
) : null}
306310
<Pressable
307311
style={styles.signInButton}
308312
onPress={openAssembly}

0 commit comments

Comments
 (0)