From 74a524ded12c6527745957ac219e1ca34828aa6c Mon Sep 17 00:00:00 2001
From: Daniel Weipert <git@mail.dweipert.de>
Date: Fri, 10 Apr 2026 13:37:26 +0200
Subject: switch routing to attributes

---
 src/Controllers/Client/UserController.php | 71 +++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100755 src/Controllers/Client/UserController.php

(limited to 'src/Controllers/Client/UserController.php')

diff --git a/src/Controllers/Client/UserController.php b/src/Controllers/Client/UserController.php
new file mode 100755
index 0000000..038caba
--- /dev/null
+++ b/src/Controllers/Client/UserController.php
@@ -0,0 +1,71 @@
+<?php
+
+namespace App\Controllers\Client;
+
+use App\Database;
+use App\Errors\UnauthorizedError;
+use App\Models\Device;
+use App\Models\User;
+use App\Support\RequestValidator;
+use Matrix\Responses\ClientAccountWhoamiGetResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\Routing\Attribute\Route;
+
+class UserController
+{
+  #[Route(path: "/_matrix/client/v3/account/whoami", methods: ["GET"])]
+  public function whoami(Request $request): Response
+  {
+    $user = User::authenticateWithRequest($request);
+    $device = Device::fetch(userId: $user->getId());
+
+    return new JsonResponse(new ClientAccountWhoamiGetResponse(
+      userId: $user->getId(),
+      deviceId: $device->getId(),
+    ));
+  }
+
+  /**
+   * @see https://spec.matrix.org/v1.16/client-server-api/#post_matrixclientv3useruseridfilter
+   */
+  #[Route(path: "/_matrix/client/r0/user/{userId}/filter", methods: ["POST"])]
+  #[Route(path: "/_matrix/client/v3/user/{userId}/filter", methods: ["POST"])]
+  public function uploadFilter(Request $request): Response
+  {
+    $accessToken = str_replace("Bearer ", "", $request->headers->get("authorization") ?: "");
+    $user = User::fetchWithAccessToken($accessToken);
+
+    if (empty($user)) {
+      throw new UnauthorizedError();
+    }
+
+    $userId = $request->get("userId");
+    if ($user->getId() !== $userId) {
+      throw new UnauthorizedError();
+    }
+
+    $body = json_decode($request->getContent(), true);
+    RequestValidator::validateJson();
+
+    $filterId = md5($userId . random_bytes(512));
+
+    Database::getInstance()->query(<<<SQL
+      insert into filters (id, account_data, event_fields, event_format, presence, room, user_id)
+      values (:id, :account_data, :event_fields, :event_format, :presence, :room, :user_id)
+    SQL, [
+      "id" => $filterId,
+      "account_data" => isset($body["account_data"]) ? json_encode($body["account_data"]) : null,
+      "event_fields" => isset($body["event_fields"]) ? json_encode($body["event_fields"]) : null,
+      "event_format" => isset($body["event_format"]) ? json_encode($body["event_format"]) : null,
+      "presence" => isset($body["presence"]) ? json_encode($body["presence"]) : null,
+      "room" => isset($body["room"]) ? json_encode($body["room"]) : null,
+      "user_id" => $userId,
+    ]);
+
+    return new JsonResponse([
+      "filter_id" => $filterId,
+    ]);
+  }
+}
-- 
cgit v1.2.3