method() !== 'POST') { http_response_code(405); Router::json(['ok' => false, 'error' => 'method_not_allowed']); return; } if (!Session::checkCsrfToken()) { http_response_code(403); Router::json(['ok' => false, 'error' => 'csrf']); return; } $session = app(SessionStoreInterface::class)->all(); $userId = (int) ($session['user']['id'] ?? 0); $groupId = (int) requestInput()->body('id'); if ($groupId <= 0) { http_response_code(400); Router::json(['ok' => false, 'error' => 'invalid_group_id']); return; } $service = app(BookmarkService::class); $deleted = $service->deleteGroup($userId, $groupId); if ($deleted) { app(SessionStoreInterface::class)->set('user_bookmarks', $service->listGroupedForUser($userId)); Router::json(['ok' => true]); return; } http_response_code(404); Router::json(['ok' => false, 'error' => 'not_found']);