mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-10-29 16:02:25 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

update code comment, add logging

Browse source
This commit is contained in:
kim 2025-04-23 12:38:26 +01:00
commit 5b41861c9c
1 changed files with 15 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

25
internal/middleware/nollamas.go
View file

@ -34,6 +34,7 @@ import (
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util" apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/gtserror" "github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/log"
"github.com/superseriousbusiness/gotosocial/internal/oauth" "github.com/superseriousbusiness/gotosocial/internal/oauth"
) )
@ -118,12 +119,17 @@ func (m *nollamas) Serve(c *gin.Context) {
// a TTL basis, so it should be fine. // a TTL basis, so it should be fine.
challenge := token[:len(token)/2] challenge := token[:len(token)/2]
// Prepare new log entry with challenge.
l := log.WithContext(c.Request.Context())
l = l.WithField("challenge", challenge)
// Check for a provided success token. // Check for a provided success token.
cookie, _ := c.Cookie("gts-nollamas") cookie, _ := c.Cookie("gts-nollamas")
if len(cookie) > encodedHashLen { if len(cookie) > encodedHashLen {
// Clearly invalid cookie, just // Clearly invalid cookie, just
// present them with new challenge. // present them with new challenge.
l.Warn("invalid cookie provided")
m.renderChallenge(c, challenge) m.renderChallenge(c, challenge)
return return
} }
@ -149,6 +155,7 @@ func (m *nollamas) Serve(c *gin.Context) {
// An invalid solution string, just // An invalid solution string, just
// present them with new challenge. // present them with new challenge.
l.Info("posing new challenge")
m.renderChallenge(c, challenge) m.renderChallenge(c, challenge)
return return
} }
@ -171,17 +178,16 @@ func (m *nollamas) Serve(c *gin.Context) {
// They failed challenge, // They failed challenge,
// re-present challenge page. // re-present challenge page.
l.Warn("invalid solution provided")
m.renderChallenge(c, challenge) m.renderChallenge(c, challenge)
return return
} }
} }
// Drop the solution from query. l.Infof("challenge passed: %s", nonce)
query.Del("nollamas_solution")
c.Request.URL.RawQuery = query.Encode()
// They passed the challenge! Set success // They passed the challenge! Set success token
// token cookie and allow them to continue. // cookie and allow them to continue to next handlers.
c.SetCookie("gts-nollamas", token, int(m.ttl/time.Second), c.SetCookie("gts-nollamas", token, int(m.ttl/time.Second),
"", "", false, false) "", "", false, false)
c.Next() c.Next()
@ -218,11 +224,10 @@ func (m *nollamas) renderChallenge(c *gin.Context, challenge string) {
} }
func (m *nollamas) token(c *gin.Context, hash *hashWithBufs) string { func (m *nollamas) token(c *gin.Context, hash *hashWithBufs) string {
// Use our safe, unique input seed which // Use our unique seed to seed hash,
// is already hashed, but will get rehashed. // to ensure we have cryptographically
// This ensures we don't leak private keys, // unique, yet deterministic, tokens
// but also we have cryptographically safe // generated for a given http client.
// deterministic tokens for comparisons.
hash.hash.Write(m.seed) hash.hash.Write(m.seed)
// Include difficulty level in // Include difficulty level in