From 05159a00612f59c436d2e7cd1e13568aa848ad9a Mon Sep 17 00:00:00 2001
From: TZGyn <ca538901d@mozmail.com>
Date: Tue, 20 Jun 2023 14:12:56 +0800
Subject: [PATCH] Update backend PostController (request validate & store
 method)

---
 .../app/Http/Controllers/PostController.php   | 73 ++++++++++++-------
 1 file changed, 47 insertions(+), 26 deletions(-)

diff --git a/backend/app/Http/Controllers/PostController.php b/backend/app/Http/Controllers/PostController.php
index 9bcd7f9..e98da31 100644
--- a/backend/app/Http/Controllers/PostController.php
+++ b/backend/app/Http/Controllers/PostController.php
@@ -10,51 +10,72 @@ class PostController extends Controller
 {
     public function index(Request $request): Response
     {
-        $lastPost = 0;
+        $request->validate(
+            [
+                'lastPost' => 'required|integer',
+            ]
+        );
 
-        if ($request->lastPost) {
-            $lastPost = $request->lastPost;
-        }
+        $lastPost = $request->lastPost;
 
         $posts = Post::query()
-            // ->select([
-            //     'title',
-            //     'description',
-        // ])
             ->where(column: 'sequence', operator: '>', value: $lastPost)
             ->take(10)
             ->get();
 
-        return response([
-            'status' => 200,
-            'data' => $posts,
-        ]);
+        return response(
+            [
+                'status' => 200,
+                'data' => $posts,
+            ]
+        );
     }
 
     public function store(Request $request): Response
     {
-        $postId = Post::query()->max(column: 'sequence');
+        $request->validate(
+            [
+                'title' => 'required|string',
+                'description' => 'required|string',
+            ]
+        );
+
+        $user = $request->user();
 
-        $postId = ! $postId ? 1 : $postId + 1;
+        if (! ($user instanceof User)) {
+            return response(
+                [
+                    'status' => 400,
+                    'message' => 'Invalid user',
+                ]
+            );
+        }
 
-        Post::query()->create([
-            'title' => "This is Post {$postId}",
-            'description' => "post {$postId} description",
-        ]);
+        $user->posts()->create(
+            [
+                'title' => $request->title,
+                'description' => $request->description,
+            ]
+        );
 
-        return response([
-            'status' => 200,
-            'message' => "Create Post {$postId} Success!",
-        ]);
+        return response(
+            [
+                'status' => 200,
+                'message' => 'Create Post Success!',
+            ]
+        );
     }
 
     public function show(string $id): Response
     {
         $post = Post::query()->find($id);
 
-        return response([
-            'status' => 200,
-            'data' => $post,
-        ]);
+        return response(
+            [
+                'status' => 200,
+                'data' => $post,
+            ]
+        );
+    }
     }
 }