mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-11-08 05:09:30 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

wahhh getting there

Browse source
This commit is contained in:
tsmethurst 2021-05-06 14:01:43 +02:00
commit d4c919d273
12 changed files with 214 additions and 151 deletions
Download patch file Download diff file Expand all files Collapse all files

59
internal/api/s2s/user/userget.go
View file

@ -23,7 +23,6 @@ import (
"github.com/gin-gonic/gin"
"github.com/sirupsen/logrus"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
)
// UsersGETHandler should be served at https://example.org/users/:username.
@ -55,60 +54,14 @@ func (m *Module) UsersGETHandler(c *gin.Context) {
}
l.Tracef("negotiated format: %s", format)
// get the account the request is referring to
requestedAccount := &gtsmodel.Account{}
if err := m.db.GetLocalAccountByUsername(requestedUsername, requestedAccount); err != nil {
l.Errorf("database error getting account with username %s: %s", requestedUsername, err)
// we'll just return not authorized here to avoid giving anything away
c.JSON(http.StatusUnauthorized, gin.H{"error": "not authorized"})
return
}
// and create a transport for it
transport, err := m.federator.TransportController().NewTransport(requestedAccount.PublicKeyURI, requestedAccount.PrivateKey)
// make a copy of the context to pass along so we don't break anything
cp := c.Copy()
user, err := m.processor.GetAPUser(requestedUsername, cp.Request) // GetAPUser handles auth as well
if err != nil {
l.Errorf("error creating transport for username %s: %s", requestedUsername, err)
// we'll just return not authorized here to avoid giving anything away
c.JSON(http.StatusUnauthorized, gin.H{"error": "not authorized"})
l.Info(err.Error())
c.JSON(err.Code(), gin.H{"error": err.Safe()})
return
}
// authenticate the request
authentication, err := federation.AuthenticateFederatedRequest(transport, c.Request)
if err != nil {
l.Errorf("error authenticating GET user request: %s", err)
c.JSON(http.StatusUnauthorized, gin.H{"error": "not authorized"})
return
}
if !authentication.Authenticated {
l.Debug("request not authorized")
c.JSON(http.StatusUnauthorized, gin.H{"error": "not authorized"})
return
}
requestingAccount := &gtsmodel.Account{}
if authentication.RequestingPublicKeyID != nil {
if err := m.db.GetWhere("public_key_uri", authentication.RequestingPublicKeyID.String(), requestingAccount); err != nil {
}
}
authorization, err := federation.AuthorizeFederatedRequest
person, err := m.tc.AccountToAS(requestedAccount)
if err != nil {
l.Errorf("error converting account to ap person: %s", err)
c.JSON(http.StatusUnauthorized, gin.H{"error": "not authorized"})
return
}
data, err := person.Serialize()
if err != nil {
l.Errorf("error serializing user: %s", err)
c.JSON(http.StatusUnauthorized, gin.H{"error": "not authorized"})
return
}
c.JSON(http.StatusOK, data)
c.JSON(http.StatusOK, user)
}