aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/activitypub.ts
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2017-11-14 17:31:26 +0100
committerChocobozzz <florian.bigard@gmail.com>2017-11-27 19:40:51 +0100
commit350e31d6b64e4973dfa5e9f7b46841cb09aeb1ad (patch)
treef4191f3c04a5230fcf8ca3d6ca3248643fc4151d /server/middlewares/activitypub.ts
parente34c85e527100c0b5c44567bd951e95be41b8d7e (diff)
downloadPeerTube-350e31d6b64e4973dfa5e9f7b46841cb09aeb1ad.tar.gz
PeerTube-350e31d6b64e4973dfa5e9f7b46841cb09aeb1ad.tar.zst
PeerTube-350e31d6b64e4973dfa5e9f7b46841cb09aeb1ad.zip
Follow works
Diffstat (limited to 'server/middlewares/activitypub.ts')
-rw-r--r--server/middlewares/activitypub.ts32
1 files changed, 17 insertions, 15 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts
index 6cf8eea6f..bed2bfeab 100644
--- a/server/middlewares/activitypub.ts
+++ b/server/middlewares/activitypub.ts
@@ -1,12 +1,9 @@
1import { Request, Response, NextFunction } from 'express' 1import { NextFunction, Request, Response, RequestHandler } from 'express'
2
3import { database as db } from '../initializers'
4import {
5 logger,
6 getAccountFromWebfinger,
7 isSignatureVerified
8} from '../helpers'
9import { ActivityPubSignature } from '../../shared' 2import { ActivityPubSignature } from '../../shared'
3import { isSignatureVerified, logger } from '../helpers'
4import { fetchRemoteAccountAndCreatePod } from '../helpers/activitypub'
5import { database as db, ACTIVITY_PUB_ACCEPT_HEADER } from '../initializers'
6import { each, eachSeries, waterfall } from 'async'
10 7
11async function checkSignature (req: Request, res: Response, next: NextFunction) { 8async function checkSignature (req: Request, res: Response, next: NextFunction) {
12 const signatureObject: ActivityPubSignature = req.body.signature 9 const signatureObject: ActivityPubSignature = req.body.signature
@@ -17,35 +14,40 @@ async function checkSignature (req: Request, res: Response, next: NextFunction)
17 14
18 // We don't have this account in our database, fetch it on remote 15 // We don't have this account in our database, fetch it on remote
19 if (!account) { 16 if (!account) {
20 account = await getAccountFromWebfinger(signatureObject.creator) 17 const accountResult = await fetchRemoteAccountAndCreatePod(signatureObject.creator)
21 18
22 if (!account) { 19 if (!accountResult) {
23 return res.sendStatus(403) 20 return res.sendStatus(403)
24 } 21 }
25 22
26 // Save our new account in database 23 // Save our new account in database
24 account = accountResult.account
27 await account.save() 25 await account.save()
28 } 26 }
29 27
30 const verified = await isSignatureVerified(account, req.body) 28 const verified = await isSignatureVerified(account, req.body)
31 if (verified === false) return res.sendStatus(403) 29 if (verified === false) return res.sendStatus(403)
32 30
33 res.locals.signature.account = account 31 res.locals.signature = {
32 account
33 }
34 34
35 return next() 35 return next()
36} 36}
37 37
38function executeIfActivityPub (fun: any | any[]) { 38function executeIfActivityPub (fun: RequestHandler | RequestHandler[]) {
39 return (req: Request, res: Response, next: NextFunction) => { 39 return (req: Request, res: Response, next: NextFunction) => {
40 if (req.header('Accept') !== 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"') { 40 if (req.header('Accept') !== ACTIVITY_PUB_ACCEPT_HEADER) {
41 return next() 41 return next()
42 } 42 }
43 43
44 if (Array.isArray(fun) === true) { 44 if (Array.isArray(fun) === true) {
45 fun[0](req, res, next) // FIXME: doesn't work 45 return eachSeries(fun as RequestHandler[], (f, cb) => {
46 f(req, res, cb)
47 }, next)
46 } 48 }
47 49
48 return fun(req, res, next) 50 return (fun as RequestHandler)(req, res, next)
49 } 51 }
50} 52}
51 53