mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-23 14:35:41 +00:00
1618b68bfa
* Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
62 lines
1.5 KiB
Ruby
62 lines
1.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
# == Schema Information
|
|
#
|
|
# Table name: subscriptions
|
|
#
|
|
# id :integer not null, primary key
|
|
# callback_url :string default(""), not null
|
|
# secret :string
|
|
# expires_at :datetime
|
|
# confirmed :boolean default(FALSE), not null
|
|
# account_id :integer not null
|
|
# created_at :datetime not null
|
|
# updated_at :datetime not null
|
|
# last_successful_delivery_at :datetime
|
|
#
|
|
|
|
class Subscription < ApplicationRecord
|
|
MIN_EXPIRATION = 1.day.to_i
|
|
MAX_EXPIRATION = 30.days.to_i
|
|
|
|
belongs_to :account, required: true
|
|
|
|
validates :callback_url, presence: true
|
|
validates :callback_url, uniqueness: { scope: :account_id }
|
|
|
|
scope :confirmed, -> { where(confirmed: true) }
|
|
scope :future_expiration, -> { where(arel_table[:expires_at].gt(Time.now.utc)) }
|
|
scope :active, -> { confirmed.future_expiration }
|
|
|
|
def lease_seconds=(value)
|
|
self.expires_at = future_expiration(value)
|
|
end
|
|
|
|
def lease_seconds
|
|
(expires_at - Time.now.utc).to_i
|
|
end
|
|
|
|
def expired?
|
|
Time.now.utc > expires_at
|
|
end
|
|
|
|
before_validation :set_min_expiration
|
|
|
|
private
|
|
|
|
def future_expiration(value)
|
|
Time.now.utc + future_offset(value).seconds
|
|
end
|
|
|
|
def future_offset(seconds)
|
|
[
|
|
[MIN_EXPIRATION, seconds.to_i].max,
|
|
MAX_EXPIRATION,
|
|
].min
|
|
end
|
|
|
|
def set_min_expiration
|
|
self.lease_seconds = 0 unless expires_at
|
|
end
|
|
end
|