Improve request validation.

server/api/image.go

@@ -12,17 +12,14 @@ import (
 func handleUploadImage(c fiber.Ctx) error {
 	uid, ok := c.Locals("uid").(uint)
 	if !ok {
-		return model.NewUnAuthorizedError("Unauthorized")
-	}
-	if err := service.HavePermissionToUpload(uid); err != nil {
-		return err
+		return model.NewUnAuthorizedError("You must be logged in to upload an image")
 	}
 	data := c.Body()
 	contentType := http.DetectContentType(data)
 	if !strings.HasPrefix(contentType, "image/") {
 		return model.NewRequestError("Invalid image format")
 	}
-	id, err := service.CreateImage(data)
+	id, err := service.CreateImage(uid, data)
 	if err != nil {
 		return err
 	}
@@ -64,10 +61,7 @@ func handleDeleteImage(c fiber.Ctx) error {
 	if !ok {
 		return model.NewUnAuthorizedError("Unauthorized")
 	}
-	if err := service.HavePermissionToUpload(uid); err != nil {
-		return err
-	}
-	if err := service.DeleteImage(uint(id)); err != nil {
+	if err := service.DeleteImage(uid, uint(id)); err != nil {
 		return err
 	}
 	return c.Status(fiber.StatusOK).JSON(model.Response[any]{

server/api/tag.go

@@ -12,7 +12,11 @@ func handleCreateTag(c fiber.Ctx) error {
 	if tag == "" {
 		return model.NewRequestError("name is required")
 	}
-	t, err := service.CreateTag(tag)
+	uid, ok := c.Locals("uid").(uint)
+	if !ok {
+		return model.NewUnAuthorizedError("You must be logged in to create a tag")
+	}
+	t, err := service.CreateTag(uid, tag)
 	if err != nil {
 		return err
 	}

server/api/user.go

@@ -16,12 +16,6 @@ func handleUserRegister(c fiber.Ctx) error {
 	if username == "" || password == "" {
 		return model.NewRequestError("Username and password are required")
 	}
-	if len(password) < 6 {
-		return model.NewRequestError("Password must be at least 6 characters long")
-	}
-	if len(username) < 3 {
-		return model.NewRequestError("Username must be at least 3 characters long")
-	}
 	user, err := service.CreateUser(username, password)
 	if err != nil {
 		return err