import logging
from aiohttp.web import HTTPUnauthorized
from json.decoder import JSONDecodeError
from . import misc
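async def http_signatures_middleware(app, handler):
    """Build the aiohttp middleware handler that checks HTTP signatures.

    The returned coroutine stores four keys on the request before calling
    ``handler``: ``validated``, ``actor``, ``data`` (the parsed JSON body,
    or ``None`` when the body cannot be decoded) and, for signed POSTs, the
    fetched actor document.

    Args:
        app: Application mapping; ``app['config'].is_banned`` is consulted
            with the actor named in the body.
        handler: The next handler in the chain.

    Raises (from the returned handler):
        HTTPUnauthorized: The actor is banned, a signed POST names no
            actor, the actor cannot be fetched, or the signature check
            fails.
    """
    async def http_signatures_handler(request):
        # NOTE(review): nothing in this block ever sets 'validated' to True,
        # even after a successful signature check. Confirm what downstream
        # handlers gate on before relying on this flag.
        request['validated'] = False
        request['actor'] = None

        try:
            request['data'] = await request.json()
        except (JSONDecodeError, UnicodeDecodeError):
            # An undecodable body is treated as "no data", not a server error.
            request['data'] = None

        # The body is unauthenticated at this point. Read the claimed actor
        # defensively: a missing key or a non-object body must not raise
        # KeyError/TypeError and surface as an HTTP 500.
        data = request['data']
        actor_url = data.get('actor') if isinstance(data, dict) else None

        if actor_url is not None and app['config'].is_banned(actor_url):
            raise HTTPUnauthorized(body='banned')

        if 'signature' in request.headers and request.method == 'POST':
            if actor_url is None:
                raise HTTPUnauthorized(body='signature check failed, no actor in message')

            # actor_url comes from the unauthenticated request body and is
            # fetched server-side. NOTE(review): confirm misc.request limits
            # the schemes and hosts it will connect to.
            request['actor'] = await misc.request(actor_url)

            if not request['actor']:
                # Lazy %-formatting; the original passed an argument with no
                # placeholder, which makes the logging call itself fail.
                logging.warning('Failed to fetch actor: %s', actor_url)
                # aiohttp HTTP exceptions take keyword-only arguments.
                raise HTTPUnauthorized(body='failed to fetch actor')

            # The id is taken from the fetched document, not from the body.
            # NOTE(review): whether the signature's key is bound to this
            # actor is decided inside misc.validate_signature - verify there.
            actor_id = request['actor']['id']

            if not (await misc.validate_signature(actor_id, request)):
                logging.warning(f'signature validation failed for: {actor_id}')
                raise HTTPUnauthorized(body='signature check failed, signature did not match key')

        # Unsigned requests and non-POST methods pass through unverified.
        return (await handler(request))

    return http_signatures_handler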