hippofish/src/server/activitypub/inbox.ts

43 lines
917 B
TypeScript
Raw Normal View History

2018-04-01 08:58:49 +02:00
import * as bodyParser from 'body-parser';
import * as express from 'express';
import { parseRequest, verifySignature } from 'http-signature';
import User, { IRemoteAccount } from '../../models/user';
import queue from '../../queue';
const app = express();
app.disable('x-powered-by');
app.use(bodyParser.json());
2018-04-01 09:46:33 +02:00
app.post('/@:user/inbox', async (req, res) => {
2018-04-01 08:58:49 +02:00
let parsed;
try {
parsed = parseRequest(req);
} catch (exception) {
return res.sendStatus(401);
}
const user = await User.findOne({
host: { $ne: null },
2018-04-01 09:04:23 +02:00
'account.publicKey.id': parsed.keyId
2018-04-01 08:58:49 +02:00
});
if (user === null) {
return res.sendStatus(401);
}
if (!verifySignature(parsed, (user.account as IRemoteAccount).publicKey.publicKeyPem)) {
return res.sendStatus(401);
}
queue.create('http', {
type: 'performActivityPub',
actor: user._id,
outbox: req.body,
}).save();
2018-04-01 11:16:47 +02:00
return res.status(202).end();
2018-04-01 08:58:49 +02:00
});
export default app;