ActivityPub: Check inbox requests for valid signature.
This commit is contained in:
parent
a9c23e1c32
commit
888ec9e579
|
@ -18,7 +18,8 @@ def object(conn, %{"uuid" => uuid}) do
|
|||
end
|
||||
end
|
||||
|
||||
def inbox(conn, params) do
|
||||
# TODO: Move signature failure halt into plug
|
||||
def inbox(%{assigns: %{valid_signature: true}} = conn, params) do
|
||||
{:ok, activity} = ActivityPub.insert(params, false)
|
||||
json(conn, "ok")
|
||||
end
|
||||
|
|
|
@ -219,9 +219,11 @@ def user_fetcher(username) do
|
|||
|
||||
pipeline :activitypub do
|
||||
plug :accepts, ["activity+json"]
|
||||
plug Pleroma.Web.Plugs.HTTPSignaturePlug
|
||||
end
|
||||
|
||||
scope "/", Pleroma.Web.ActivityPub do
|
||||
pipe_through :activitypub
|
||||
post "/users/:nickname/inbox", ActivityPubController, :inbox
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in a new issue