yumechi-no-kuni/src/server/activitypub/inbox.ts

60 lines
1.3 KiB
TypeScript
Raw Normal View History

2018-04-01 01:58:49 -05:00
import * as bodyParser from 'body-parser';
import * as express from 'express';
import { parseRequest, verifySignature } from 'http-signature';
2018-04-01 14:01:34 -05:00
import User, { IRemoteUser } from '../../models/user';
2018-04-01 01:58:49 -05:00
import queue from '../../queue';
2018-04-01 14:15:27 -05:00
import parseAcct from '../../misc/user/parse-acct';
2018-04-01 01:58:49 -05:00
const app = express();
app.disable('x-powered-by');
app.use(bodyParser.json());
2018-04-01 02:46:33 -05:00
app.post('/@:user/inbox', async (req, res) => {
2018-04-01 01:58:49 -05:00
let parsed;
req.headers.authorization = 'Signature ' + req.headers.signature;
2018-04-01 01:58:49 -05:00
try {
parsed = parseRequest(req);
} catch (exception) {
return res.sendStatus(401);
}
const keyIdLower = parsed.keyId.toLowerCase();
let query;
if (keyIdLower.startsWith('acct:')) {
const { username, host } = parseAcct(keyIdLower.slice('acct:'.length));
if (host === null) {
return res.sendStatus(401);
}
query = { usernameLower: username, hostLower: host };
} else {
query = {
host: { $ne: null },
'account.publicKey.id': parsed.keyId
};
}
2018-04-01 14:01:34 -05:00
const user = await User.findOne(query) as IRemoteUser;
2018-04-01 01:58:49 -05:00
if (user === null) {
return res.sendStatus(401);
}
2018-04-01 14:01:34 -05:00
if (!verifySignature(parsed, user.account.publicKey.publicKeyPem)) {
2018-04-01 01:58:49 -05:00
return res.sendStatus(401);
}
queue.create('http', {
type: 'performActivityPub',
actor: user._id,
outbox: req.body,
}).save();
2018-04-01 04:16:47 -05:00
return res.status(202).end();
2018-04-01 01:58:49 -05:00
});
export default app;