]> Untitled Git - lemmy.git/commitdiff
Wrap each inbox route individually (#954)
authorRiley <asonix@asonix.dog>
Mon, 13 Jul 2020 13:55:55 +0000 (08:55 -0500)
committerGitHub <noreply@github.com>
Mon, 13 Jul 2020 13:55:55 +0000 (09:55 -0400)
server/Cargo.lock
server/Cargo.toml
server/src/routes/federation.rs

index 624385935470c2d2e8c228f33b33668959cd9fc1..d90b96799b2e5fdb583135c78054e1eceaafd92b 100644 (file)
@@ -1422,9 +1422,9 @@ dependencies = [
 
 [[package]]
 name = "http-signature-normalization-actix"
-version = "0.4.0-alpha.0"
+version = "0.4.0-alpha.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "09afff6987c7edbed101d1cddd2185786fb0af0dd9c06b654aca73a0a763680f"
+checksum = "131fc982391a6b37847888b568cbe0e9cd302f1b0015f4f6f4a50234bebd049c"
 dependencies = [
  "actix-http",
  "actix-web",
index a5e5a583b78dfb35940bc3637325364727c67a6a..2aa3c139b7c8b1511527c69efd959925de0b3865 100644 (file)
@@ -44,7 +44,7 @@ url = { version = "2.1.1", features = ["serde"] }
 percent-encoding = "2.1.0"
 openssl = "0.10"
 http = "0.2.1"
-http-signature-normalization-actix = { version = "0.4.0-alpha.0", default-features = false, features = ["sha-2"] }
+http-signature-normalization-actix = { version = "0.4.0-alpha.2", default-features = false, features = ["sha-2"] }
 base64 = "0.12.1"
 tokio = "0.2.21"
 futures = "0.3.5"
index ebab139a7951d2ba607a4758fe11b12dfd2bf6fd..cd4c47803dbfbebfaee98da7f1f4cdc7aa505c15 100644 (file)
@@ -9,11 +9,15 @@ use crate::apub::{
   APUB_JSON_CONTENT_TYPE,
 };
 use actix_web::*;
+use http_signature_normalization_actix::digest::middleware::VerifyDigest;
 use lemmy_utils::settings::Settings;
+use sha2::{Digest, Sha256};
 
 pub fn config(cfg: &mut web::ServiceConfig) {
   if Settings::get().federation.enabled {
     println!("federation enabled, host is {}", Settings::get().hostname);
+    let digest_verifier = VerifyDigest::new(Sha256::new());
+
     cfg
       .service(
         web::scope("/")
@@ -36,8 +40,20 @@ pub fn config(cfg: &mut web::ServiceConfig) {
           .route("/comment/{comment_id}", web::get().to(get_apub_comment)),
       )
       // Inboxes dont work with the header guard for some reason.
-      .route("/c/{community_name}/inbox", web::post().to(community_inbox))
-      .route("/u/{user_name}/inbox", web::post().to(user_inbox))
-      .route("/inbox", web::post().to(shared_inbox));
+      .service(
+        web::resource("/c/{community_name}/inbox")
+          .wrap(digest_verifier.clone())
+          .route(web::post().to(community_inbox)),
+      )
+      .service(
+        web::resource("/u/{user_name}/inbox")
+          .wrap(digest_verifier.clone())
+          .route(web::post().to(user_inbox)),
+      )
+      .service(
+        web::resource("/inbox")
+          .wrap(digest_verifier)
+          .route(web::post().to(shared_inbox)),
+      );
   }
 }