From: Roger Braun Date: Tue, 12 Dec 2017 09:17:50 +0000 (+0100) Subject: ActivityPub: Check inbox requests for valid signature. X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=888ec9e579169e899b58344b18fce860477d9bfc;p=akkoma ActivityPub: Check inbox requests for valid signature. --- diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index a9c0401bc..0f631dd4b 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -18,7 +18,8 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do end end - def inbox(conn, params) do + # TODO: Move signature failure halt into plug + def inbox(%{assigns: %{valid_signature: true}} = conn, params) do {:ok, activity} = ActivityPub.insert(params, false) json(conn, "ok") end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 4803a6370..4f9ebf5e8 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -219,9 +219,11 @@ defmodule Pleroma.Web.Router do pipeline :activitypub do plug :accepts, ["activity+json"] + plug Pleroma.Web.Plugs.HTTPSignaturePlug end scope "/", Pleroma.Web.ActivityPub do + pipe_through :activitypub post "/users/:nickname/inbox", ActivityPubController, :inbox end