ActivityPub: Check inbox requests for valid signature.
This commit is contained in:
parent
a9c23e1c32
commit
888ec9e579
|
@ -18,7 +18,8 @@ def object(conn, %{"uuid" => uuid}) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def inbox(conn, params) do
|
# TODO: Move signature failure halt into plug
|
||||||
|
def inbox(%{assigns: %{valid_signature: true}} = conn, params) do
|
||||||
{:ok, activity} = ActivityPub.insert(params, false)
|
{:ok, activity} = ActivityPub.insert(params, false)
|
||||||
json(conn, "ok")
|
json(conn, "ok")
|
||||||
end
|
end
|
||||||
|
|
|
@ -219,9 +219,11 @@ def user_fetcher(username) do
|
||||||
|
|
||||||
pipeline :activitypub do
|
pipeline :activitypub do
|
||||||
plug :accepts, ["activity+json"]
|
plug :accepts, ["activity+json"]
|
||||||
|
plug Pleroma.Web.Plugs.HTTPSignaturePlug
|
||||||
end
|
end
|
||||||
|
|
||||||
scope "/", Pleroma.Web.ActivityPub do
|
scope "/", Pleroma.Web.ActivityPub do
|
||||||
|
pipe_through :activitypub
|
||||||
post "/users/:nickname/inbox", ActivityPubController, :inbox
|
post "/users/:nickname/inbox", ActivityPubController, :inbox
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue