public function __invoke(ServerRequestInterface $request, ResponseInterface $response) { $id = $request->getAttribute('id'); $secret = $request->getAttribute('secret'); if ($secret !== $this->secret) { return $response->withStatus(400, 'not authenticated'); } $comment = $this->repository->load($id); $this->repository->delete($comment); }