mirror of
https://github.com/LemmyNet/activitypub-federation-rust.git
synced 2024-06-10 09:19:34 +00:00
Implement secure mode federation example in actix-web example
This commit is contained in:
parent
216458eb82
commit
1b6dbf036f
|
@ -4,11 +4,11 @@ use crate::{
|
|||
objects::person::{DbUser, PersonAcceptedActivities},
|
||||
};
|
||||
use activitypub_federation::{
|
||||
actix_web::inbox::receive_activity,
|
||||
actix_web::{inbox::receive_activity, signing_actor},
|
||||
config::{Data, FederationConfig, FederationMiddleware},
|
||||
fetch::webfinger::{build_webfinger_response, extract_webfinger_name},
|
||||
protocol::context::WithContext,
|
||||
traits::Object,
|
||||
traits::{Actor, Object},
|
||||
FEDERATION_CONTENT_TYPE,
|
||||
};
|
||||
use actix_web::{web, web::Bytes, App, HttpRequest, HttpResponse, HttpServer};
|
||||
|
@ -23,6 +23,7 @@ pub fn listen(config: &FederationConfig<DatabaseHandle>) -> Result<(), Error> {
|
|||
let server = HttpServer::new(move || {
|
||||
App::new()
|
||||
.wrap(FederationMiddleware::new(config.clone()))
|
||||
.route("/", web::get().to(http_get_system_user))
|
||||
.route("/{user}", web::get().to(http_get_user))
|
||||
.route("/{user}/inbox", web::post().to(http_post_user_inbox))
|
||||
.route("/.well-known/webfinger", web::get().to(webfinger))
|
||||
|
@ -33,11 +34,28 @@ pub fn listen(config: &FederationConfig<DatabaseHandle>) -> Result<(), Error> {
|
|||
Ok(())
|
||||
}
|
||||
|
||||
/// Handles requests to fetch system user json over HTTP
|
||||
pub async fn http_get_system_user(data: Data<DatabaseHandle>) -> Result<HttpResponse, Error> {
|
||||
let json_user = data.system_user.clone().into_json(&data).await?;
|
||||
Ok(HttpResponse::Ok()
|
||||
.content_type(FEDERATION_CONTENT_TYPE)
|
||||
.json(WithContext::new_default(json_user)))
|
||||
}
|
||||
|
||||
/// Handles requests to fetch user json over HTTP
|
||||
pub async fn http_get_user(
|
||||
request: HttpRequest,
|
||||
user_name: web::Path<String>,
|
||||
data: Data<DatabaseHandle>,
|
||||
) -> Result<HttpResponse, Error> {
|
||||
let signed_by = signing_actor::<DbUser>(&request, None, &data).await?;
|
||||
// here, checks can be made on the actor or the domain to which
|
||||
// it belongs, to verify whether it is allowed to access this resource
|
||||
info!(
|
||||
"Fetch user request is signed by system account {}",
|
||||
signed_by.id()
|
||||
);
|
||||
|
||||
let db_user = data.local_user();
|
||||
if user_name.into_inner() == db_user.name {
|
||||
let json_user = db_user.into_json(&data).await?;
|
||||
|
|
|
@ -15,13 +15,18 @@ pub fn new_instance(
|
|||
hostname: &str,
|
||||
name: String,
|
||||
) -> Result<FederationConfig<DatabaseHandle>, Error> {
|
||||
let mut system_user = DbUser::new(hostname, "system".into())?;
|
||||
system_user.ap_id = Url::parse(&format!("http://{}/", hostname))?.into();
|
||||
|
||||
let local_user = DbUser::new(hostname, name)?;
|
||||
let database = Arc::new(Database {
|
||||
system_user: system_user.clone(),
|
||||
users: Mutex::new(vec![local_user]),
|
||||
posts: Mutex::new(vec![]),
|
||||
});
|
||||
let config = FederationConfig::builder()
|
||||
.domain(hostname)
|
||||
.signed_fetch_actor(&system_user)
|
||||
.app_data(database)
|
||||
.debug(true)
|
||||
.build()?;
|
||||
|
@ -32,6 +37,7 @@ pub type DatabaseHandle = Arc<Database>;
|
|||
|
||||
/// Our "database" which contains all known posts and users (local and federated)
|
||||
pub struct Database {
|
||||
pub system_user: DbUser,
|
||||
pub users: Mutex<Vec<DbUser>>,
|
||||
pub posts: Mutex<Vec<DbPost>>,
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue