2 comment::get_apub_comment,
5 get_apub_community_followers,
6 get_apub_community_http,
7 get_apub_community_moderators,
8 get_apub_community_outbox,
11 person::{get_apub_person_http, get_apub_person_outbox, person_inbox},
14 site::{get_apub_site_http, get_apub_site_inbox, get_apub_site_outbox},
17 guard::{Guard, GuardContext},
18 http::{header, Method},
21 use http_signature_normalization_actix::digest::middleware::VerifyDigest;
22 use lemmy_utils::settings::structs::Settings;
23 use sha2::{Digest, Sha256};
25 pub fn config(cfg: &mut web::ServiceConfig, settings: &Settings) {
26 if settings.federation.enabled {
27 println!("federation enabled, host is {}", settings.hostname);
30 .route("/", web::get().to(get_apub_site_http))
31 .route("/site_outbox", web::get().to(get_apub_site_outbox))
33 "/c/{community_name}",
34 web::get().to(get_apub_community_http),
37 "/c/{community_name}/followers",
38 web::get().to(get_apub_community_followers),
41 "/c/{community_name}/outbox",
42 web::get().to(get_apub_community_outbox),
45 "/c/{community_name}/moderators",
46 web::get().to(get_apub_community_moderators),
48 .route("/u/{user_name}", web::get().to(get_apub_person_http))
50 "/u/{user_name}/outbox",
51 web::get().to(get_apub_person_outbox),
53 .route("/post/{post_id}", web::get().to(get_apub_post))
54 .route("/comment/{comment_id}", web::get().to(get_apub_comment))
55 .route("/activities/{type_}/{id}", web::get().to(get_activity));
59 .wrap(VerifyDigest::new(Sha256::new()))
60 .guard(InboxRequestGuard)
61 .route("/c/{community_name}/inbox", web::post().to(community_inbox))
62 .route("/u/{user_name}/inbox", web::post().to(person_inbox))
63 .route("/inbox", web::post().to(shared_inbox))
64 .route("/site_inbox", web::post().to(get_apub_site_inbox)),
69 /// Without this, things like webfinger or RSS feeds stop working, as all requests seem to get
70 /// routed into the inbox service (because it covers the root path). So we filter out anything that
71 /// definitely can't be an inbox request (based on Accept header and request method).
72 struct InboxRequestGuard;
74 impl Guard for InboxRequestGuard {
75 fn check(&self, ctx: &GuardContext) -> bool {
76 if ctx.head().method != Method::POST {
79 if let Some(val) = ctx.head().headers.get(header::CONTENT_TYPE) {
80 return val.as_bytes().starts_with(b"application/");