initial deployment v1.0

src/routes/api/report/+server.js

@@ -0,0 +1,35 @@
+import { json, error } from '@sveltejs/kit';
+import { nanoid } from 'nanoid';
+import { insertReport, getPersonalityById } from '$lib/server/db.js';
+import { checkPublishRate, getClientIp } from '$lib/server/ratelimit.js';
+
+const VALID_REASONS = ['incorrect-data', 'duplicate', 'inappropriate', 'spam', 'other'];
+
+export async function POST({ request }) {
+  const ip   = getClientIp(request);
+  const rate = checkPublishRate(ip);
+  if (!rate.allowed) throw error(429, `Too many reports. Try again later.`);
+
+  let body;
+  try { body = await request.json(); }
+  catch { throw error(400, 'Invalid JSON'); }
+
+  const { personality_id, reason, notes } = body;
+
+  if (!personality_id || typeof personality_id !== 'string') throw error(400, 'Missing personality_id');
+  if (!VALID_REASONS.includes(reason)) throw error(400, 'Invalid reason');
+
+  const record = getPersonalityById(personality_id);
+  if (!record || record.deleted_at) throw error(404, 'Personality not found');
+
+  insertReport({
+    id:             nanoid(10),
+    personality_id,
+    reason,
+    notes:          typeof notes === 'string' ? notes.trim().slice(0, 500) : null,
+    reporter_ip:    ip,
+    created_at:     new Date().toISOString()
+  });
+
+  return json({ success: true }, { status: 201 });
+}