Integrate OpenAI moderation endpoint (conflict-clean)

[LynnColeArt]

This is a conflict-clean replacement for the moderation work originally proposed in PR #4.

Why this PR exists:

• The original PR became merge-conflicting after upstream introduced Presence DO env/binding changes.
• This branch preserves the intended behavior:
  • Pre-check article titles with OpenAI Moderation before generation.
  • Immediately mark flagged slugs as banned and remove them from KV.
  • Keep existing Presence DO bindings in wrangler.toml while adding OpenAI moderation configuration.
  • Reuse the same asynchronous moderation flow for comments in moderation.ts.

Please review this as the replacement for PR #4.

Related prior PR: #4

Summary by CodeRabbit

• New Features

  • Optional AI moderation for comments and generated pages: flagged comments are rejected before publishing and flagged pages are blocked from being served (returned as not found with noindex).
  • Flagged slugs are immediately removed/marked to prevent further processing and indexing.

• Chores

  • Configuration guidance updated to support enabling the AI moderation integration.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 48a1a098-cbaf-43cb-81df-2a233c5c77e3

📥 Commits

Reviewing files that changed from the base of the PR and between 2adbdb5 and 474e7a3.

📒 Files selected for processing (3)

• src/worker/comments.ts
• src/worker/index.ts
• wrangler.toml

🚧 Files skipped from review as they are similar to previous changes (3)

• wrangler.toml
• src/worker/comments.ts
• src/worker/index.ts

---

📝 Walkthrough

Walkthrough

Adds optional synchronous OpenAI moderation: comment POSTs are pre-moderated and rejected (400) if flagged; page title generation is pre-moderated and, if flagged, schedules slug banning and returns 404 noindex to avoid generation when OPENAI_API_KEY is set.

Changes

OpenAI Moderation System

Layer / File(s)	Summary
Moderation API client and slug banning src/worker/moderation.ts	openaiModerate() posts to OpenAI /v1/moderations (model omni-moderation-latest, ~4s timeout) and returns flagged status; banSlugNow() deletes the slug from ARTICLES KV and upserts an article_moderation row with status='banned' and reason='openai-moderation-precheck'.
Comment pre-save moderation src/worker/comments.ts	CommentsEnv gains optional OPENAI_API_KEY; comment creation route imports openaiModerate() and calls it on the trimmed body when the key is present, returning 400 for flagged comments before insertion while preserving background moderation.
Page generation pre-moderation gate src/worker/index.ts	Env gains optional OPENAI_API_KEY; /api/page/:slug calls openaiModerate() on the computed title, schedules banSlugNow() via waitUntil for flagged titles, and returns 404 with x-robots-tag: noindex, skipping generation streaming.
Configuration instructions wrangler.toml	Adds duplicated comments/instructions for provisioning OPENAI_API_KEY (e.g., pnpm wrangler secret put OPENAI_API_KEY).

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant CommentWorker as Comment Worker
  participant PageWorker as Page Worker
  participant OpenAI as OpenAI Moderation API
  participant DB as Database

  rect rgba(230,180,200,0.5)
  Note over Client,CommentWorker: Comment Creation Flow
  Client->>CommentWorker: POST /api/comments
  CommentWorker->>OpenAI: openaiModerate(commentText, apiKey)
  OpenAI-->>CommentWorker: flagged boolean
  alt flagged
    CommentWorker-->>Client: 400 (rejected)
  else not flagged
    CommentWorker->>DB: insert comment
    CommentWorker-->>Client: 201 (created)
  end
  end

  rect rgba(180,210,230,0.5)
  Note over Client,PageWorker: Page Generation Flow
  Client->>PageWorker: GET /api/page/:slug
  PageWorker->>OpenAI: openaiModerate(title, apiKey)
  OpenAI-->>PageWorker: flagged boolean
  alt flagged
    PageWorker->>DB: upsert article_moderation (banned)
    PageWorker->>PageWorker: delete from ARTICLES KV
    PageWorker-->>Client: 404 noindex (banned)
  else not flagged
    PageWorker-->>Client: stream generated content
  end
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related issues

• #16: Both changes modify the /api/page/:slug generation flow to add pre-generation gating/moderation that prevents content generation for flagged or disallowed titles.

Poem

🐰 I sniff the text at the gate,

If OpenAI frowns, I do not wait.
I stop the comment, I fence the slug,
Patch up the field with a careful hug.
Carrots safe and code kept neat!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: integrating OpenAI moderation endpoint functionality across comments, page generation, and moderation modules.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/worker/comments.ts`:
- Around line 425-431: The moderation call using openaiModerate guarded by
c.env.OPENAI_API_KEY is currently executed before ensureUser, letting expensive
OpenAI calls run even when ensureUser later rate-limits and returns 429; move
the entire block that calls openaiModerate and returns the flagged error so it
runs after the ensureUser invocation (preserve the same c.env.OPENAI_API_KEY
check and the returned JSON error) so cheap rate-limiting in ensureUser happens
first and only allowed requests consume OpenAI quota.

In `@src/worker/moderation.ts`:
- Around line 31-49: The fetch in openaiModerate lacks a timeout and can hang;
update openaiModerate to use an AbortController with a hard timeout (e.g., 3–10s
or configurable) by creating an AbortController, passing its signal into fetch,
scheduling a setTimeout to call controller.abort() after the timeout, and
clearing that timeout on success; ensure the catch handles aborted requests
(still returning false) and that the timer is always cleared to avoid leaks.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 274e4fbc-f9b7-4d46-bb22-0c3bae4ab1d6

📥 Commits

Reviewing files that changed from the base of the PR and between 46759b0 and 8d8583a.

📒 Files selected for processing (4)

• src/worker/comments.ts
• src/worker/index.ts
• src/worker/moderation.ts
• wrangler.toml