projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Simplified HTTP signature processing
[akkoma] / lib / pleroma / web / plugs / ensure_http_signature_plug.ex
1 # Akkoma: Magically expressive social media
2 # Copyright © 2022-2022 Akkoma Authors <https://akkoma.dev/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.Plugs.EnsureHTTPSignaturePlug do
6 @moduledoc """
7 Ensures HTTP signature has been validated by previous plugs on ActivityPub requests.
8 """
9 import Plug.Conn
10 import Phoenix.Controller, only: [get_format: 1, text: 2]
11
12 alias Pleroma.Config
13
14 def init(options) do
15 options
16 end
17
18 def call(%{assigns: %{valid_signature: true}} = conn, _), do: conn
19
20 def call(conn, _) do
21 with true <- get_format(conn) in ["json", "activity+json"],
22 true <- Config.get([:activitypub, :authorized_fetch_mode], true) do
23 conn
24 |> put_status(:unauthorized)
25 |> text("Request not signed")
26 |> halt()
27 else
28 _ -> conn
29 end
30 end
31 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git