Wrap each inbox route individually (#954)

This commit is contained in:
Riley 2020-07-13 08:55:55 -05:00 committed by GitHub
parent 7556f8615f
commit 8f745b80d3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 6 deletions

4
server/Cargo.lock generated vendored
View file

@ -1422,9 +1422,9 @@ dependencies = [
[[package]] [[package]]
name = "http-signature-normalization-actix" name = "http-signature-normalization-actix"
version = "0.4.0-alpha.0" version = "0.4.0-alpha.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "09afff6987c7edbed101d1cddd2185786fb0af0dd9c06b654aca73a0a763680f" checksum = "131fc982391a6b37847888b568cbe0e9cd302f1b0015f4f6f4a50234bebd049c"
dependencies = [ dependencies = [
"actix-http", "actix-http",
"actix-web", "actix-web",

2
server/Cargo.toml vendored
View file

@ -44,7 +44,7 @@ url = { version = "2.1.1", features = ["serde"] }
percent-encoding = "2.1.0" percent-encoding = "2.1.0"
openssl = "0.10" openssl = "0.10"
http = "0.2.1" http = "0.2.1"
http-signature-normalization-actix = { version = "0.4.0-alpha.0", default-features = false, features = ["sha-2"] } http-signature-normalization-actix = { version = "0.4.0-alpha.2", default-features = false, features = ["sha-2"] }
base64 = "0.12.1" base64 = "0.12.1"
tokio = "0.2.21" tokio = "0.2.21"
futures = "0.3.5" futures = "0.3.5"

View file

@ -9,11 +9,15 @@ use crate::apub::{
APUB_JSON_CONTENT_TYPE, APUB_JSON_CONTENT_TYPE,
}; };
use actix_web::*; use actix_web::*;
use http_signature_normalization_actix::digest::middleware::VerifyDigest;
use lemmy_utils::settings::Settings; use lemmy_utils::settings::Settings;
use sha2::{Digest, Sha256};
pub fn config(cfg: &mut web::ServiceConfig) { pub fn config(cfg: &mut web::ServiceConfig) {
if Settings::get().federation.enabled { if Settings::get().federation.enabled {
println!("federation enabled, host is {}", Settings::get().hostname); println!("federation enabled, host is {}", Settings::get().hostname);
let digest_verifier = VerifyDigest::new(Sha256::new());
cfg cfg
.service( .service(
web::scope("/") web::scope("/")
@ -36,8 +40,20 @@ pub fn config(cfg: &mut web::ServiceConfig) {
.route("/comment/{comment_id}", web::get().to(get_apub_comment)), .route("/comment/{comment_id}", web::get().to(get_apub_comment)),
) )
// Inboxes dont work with the header guard for some reason. // Inboxes dont work with the header guard for some reason.
.route("/c/{community_name}/inbox", web::post().to(community_inbox)) .service(
.route("/u/{user_name}/inbox", web::post().to(user_inbox)) web::resource("/c/{community_name}/inbox")
.route("/inbox", web::post().to(shared_inbox)); .wrap(digest_verifier.clone())
.route(web::post().to(community_inbox)),
)
.service(
web::resource("/u/{user_name}/inbox")
.wrap(digest_verifier.clone())
.route(web::post().to(user_inbox)),
)
.service(
web::resource("/inbox")
.wrap(digest_verifier)
.route(web::post().to(shared_inbox)),
);
} }
} }