diff --git a/public_html/dispatch.php b/public_html/dispatch.php
index 84e4a1d6..87f7c0d5 100644
--- a/public_html/dispatch.php
+++ b/public_html/dispatch.php
@@ -132,18 +132,20 @@ $tagValidation =
 \Chibi\Router::register(['TagController', 'mergeView'], 'GET', '/tags-merge', $tagValidation);
 \Chibi\Router::register(['TagController', 'mergeAction'], 'POST', '/tags-merge', $tagValidation);
 
+$userValidations =
+[
+	'name' => '[^\/]+',
+	'page' => '\d*',
+	'tab' => 'favs|uploads',
+	'filter' => '[^\/]+',
+];
+
+\Chibi\Router::register(['UserController', 'flagAction'], 'POST', '/user/{name}/flag', $userValidations);
+
 foreach (['GET', 'POST'] as $method)
 {
 	\Chibi\Router::register(['TagController', 'massTagRedirectAction'], $method, '/mass-tag-redirect', $tagValidation);
 
-	$userValidations =
-	[
-		'name' => '[^\/]+',
-		'page' => '\d*',
-		'tab' => 'favs|uploads',
-		'filter' => '[^\/]+',
-	];
-
 	\Chibi\Router::register(['UserController', 'registrationAction'], $method, '/register', $userValidations);
 	\Chibi\Router::register(['UserController', 'viewAction'], $method, '/user/{name}/{tab}', $userValidations);
 	\Chibi\Router::register(['UserController', 'viewAction'], $method, '/user/{name}/{tab}/{page}', $userValidations);
@@ -151,7 +153,6 @@ foreach (['GET', 'POST'] as $method)
 	\Chibi\Router::register(['UserController', 'listAction'], $method, '/users/{page}', $userValidations);
 	\Chibi\Router::register(['UserController', 'listAction'], $method, '/users/{filter}', $userValidations);
 	\Chibi\Router::register(['UserController', 'listAction'], $method, '/users/{filter}/{page}', $userValidations);
-	\Chibi\Router::register(['UserController', 'flagAction'], $method, '/user/{name}/flag', $userValidations);
 	\Chibi\Router::register(['UserController', 'banAction'], $method, '/user/{name}/ban', $userValidations);
 	\Chibi\Router::register(['UserController', 'unbanAction'], $method, '/user/{name}/unban', $userValidations);
 	\Chibi\Router::register(['UserController', 'acceptRegistrationAction'], $method, '/user/{name}/accept-registration', $userValidations);
diff --git a/src/Api/AbstractJob.php b/src/Api/AbstractJob.php
index 32139658..7c2d0e30 100644
--- a/src/Api/AbstractJob.php
+++ b/src/Api/AbstractJob.php
@@ -6,6 +6,7 @@ abstract class AbstractJob
 	const POST_NAME = 'post-name';
 	const TAG_NAME = 'tag-name';
 	const TAG_NAMES = 'tags';
+	const USER_NAME = 'user-name';
 	const TEXT = 'text';
 	const PAGE_NUMBER = 'page-number';
 	const QUERY = 'query';
diff --git a/src/Api/AbstractUserJob.php b/src/Api/AbstractUserJob.php
new file mode 100644
index 00000000..00dab341
--- /dev/null
+++ b/src/Api/AbstractUserJob.php
@@ -0,0 +1,11 @@
+<?php
+abstract class AbstractUserJob extends AbstractJob
+{
+	protected $user;
+
+	public function prepare()
+	{
+		$userName = $this->getArgument(self::USER_NAME);
+		$this->user = UserModel::findByNameOrEmail($userName);
+	}
+}
diff --git a/src/Api/Jobs/FlagUserJob.php b/src/Api/Jobs/FlagUserJob.php
new file mode 100644
index 00000000..21870776
--- /dev/null
+++ b/src/Api/Jobs/FlagUserJob.php
@@ -0,0 +1,40 @@
+<?php
+class FlagUserJob extends AbstractUserJob
+{
+	public function execute()
+	{
+		$user = $this->user;
+		$key = TextHelper::reprUser($user);
+
+		$flagged = SessionHelper::get('flagged', []);
+		if (in_array($key, $flagged))
+			throw new SimpleException('You already flagged this user');
+		$flagged []= $key;
+		SessionHelper::set('flagged', $flagged);
+
+		LogHelper::log('{user} flagged {subject} for moderator attention', [
+			'user' => TextHelper::reprUser(Auth::getCurrentUser()),
+			'subject' => TextHelper::reprUser($user)]);
+
+		return $user;
+	}
+
+	public function requiresPrivilege()
+	{
+		return
+		[
+			Privilege::FlagUser,
+			Access::getIdentity($this->user)
+		];
+	}
+
+	public function requiresAuthentication()
+	{
+		return false;
+	}
+
+	public function requiresConfirmedEmail()
+	{
+		return false;
+	}
+}
diff --git a/src/Controllers/UserController.php b/src/Controllers/UserController.php
index 09c3f9c1..3a641e32 100644
--- a/src/Controllers/UserController.php
+++ b/src/Controllers/UserController.php
@@ -28,24 +28,7 @@ class UserController
 
 	public function flagAction($name)
 	{
-		$user = UserModel::findByNameOrEmail($name);
-		Access::assert(
-			Privilege::FlagUser,
-			Access::getIdentity($user));
-
-		if (!InputHelper::get('submit'))
-			return;
-
-		$key = TextHelper::reprUser($user);
-
-		$flagged = SessionHelper::get('flagged', []);
-		if (in_array($key, $flagged))
-			throw new SimpleException('You already flagged this user');
-		$flagged []= $key;
-		SessionHelper::set('flagged', $flagged);
-
-		LogHelper::log('{user} flagged {subject} for moderator attention', [
-			'subject' => TextHelper::reprUser($user)]);
+		Api::run(new FlagUserJob(), [FlagUserJob::USER_NAME => $name]);
 	}
 
 	public function banAction($name)