diff options
| author | Roger Braun <roger@rogerbraun.net> | 2017-12-12 10:17:50 +0100 |
|---|---|---|
| committer | Roger Braun <roger@rogerbraun.net> | 2017-12-12 10:17:50 +0100 |
| commit | 888ec9e579169e899b58344b18fce860477d9bfc (patch) | |
| tree | f6e244059ce18d3ad4ce3de1df1228bf9f8c565f | |
| parent | a9c23e1c321c1bee5f315604358f3208a95784bb (diff) | |
| download | pleroma-888ec9e579169e899b58344b18fce860477d9bfc.tar.gz | |
ActivityPub: Check inbox requests for valid signature.
| -rw-r--r-- | lib/pleroma/web/activity_pub/activity_pub_controller.ex | 3 | ||||
| -rw-r--r-- | lib/pleroma/web/router.ex | 2 |
2 files changed, 4 insertions, 1 deletions
diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index a9c0401bc..0f631dd4b 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -18,7 +18,8 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do end end - def inbox(conn, params) do + # TODO: Move signature failure halt into plug + def inbox(%{assigns: %{valid_signature: true}} = conn, params) do {:ok, activity} = ActivityPub.insert(params, false) json(conn, "ok") end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 4803a6370..4f9ebf5e8 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -219,9 +219,11 @@ defmodule Pleroma.Web.Router do pipeline :activitypub do plug :accepts, ["activity+json"] + plug Pleroma.Web.Plugs.HTTPSignaturePlug end scope "/", Pleroma.Web.ActivityPub do + pipe_through :activitypub post "/users/:nickname/inbox", ActivityPubController, :inbox end |