ActivityPub: Check inbox requests for valid signature.

This commit is contained in:
Roger Braun 2017-12-12 10:17:50 +01:00
parent a9c23e1c32
commit 888ec9e579
2 changed files with 4 additions and 1 deletions

View File

@ -18,7 +18,8 @@ def object(conn, %{"uuid" => uuid}) do
end
end
def inbox(conn, params) do
# TODO: Move signature failure halt into plug
def inbox(%{assigns: %{valid_signature: true}} = conn, params) do
{:ok, activity} = ActivityPub.insert(params, false)
json(conn, "ok")
end

View File

@ -219,9 +219,11 @@ def user_fetcher(username) do
pipeline :activitypub do
plug :accepts, ["activity+json"]
plug Pleroma.Web.Plugs.HTTPSignaturePlug
end
scope "/", Pleroma.Web.ActivityPub do
pipe_through :activitypub
post "/users/:nickname/inbox", ActivityPubController, :inbox
end