diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2023-02-08 15:10:56 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2023-02-08 15:10:56 +0100 |
| commit | 27e95fd1237d13edafc557531932067d329e9733 (patch) | |
| tree | 75ad8444539af5e0d545526cd86929f9e173c610 /internal/api/activitypub.go | |
| parent | [bugfix] fix 'steal this look' form, uncheck entries after processing (#1454) (diff) | |
| download | gotosocial-27e95fd1237d13edafc557531932067d329e9733.tar.xz | |
[chore/bugfix] Serve + throttle publickey separately from rest of ActivityPub API (#1461)
* serve publickey separately from AP, don't throttle it
* update nginx cache documentation, cache main-key too
* throttle public key, but separately from other endpoints
Diffstat (limited to 'internal/api/activitypub.go')
| -rw-r--r-- | internal/api/activitypub.go | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/internal/api/activitypub.go b/internal/api/activitypub.go index df48afb18..72a8f6e26 100644 --- a/internal/api/activitypub.go +++ b/internal/api/activitypub.go @@ -19,11 +19,9 @@ package api import ( - "context" - "net/url" - "github.com/gin-gonic/gin" "github.com/superseriousbusiness/gotosocial/internal/api/activitypub/emoji" + "github.com/superseriousbusiness/gotosocial/internal/api/activitypub/publickey" "github.com/superseriousbusiness/gotosocial/internal/api/activitypub/users" "github.com/superseriousbusiness/gotosocial/internal/db" "github.com/superseriousbusiness/gotosocial/internal/middleware" @@ -32,10 +30,10 @@ import ( ) type ActivityPub struct { - emoji *emoji.Module - users *users.Module - - isURIBlocked func(context.Context, *url.URL) (bool, db.Error) + emoji *emoji.Module + users *users.Module + publicKey *publickey.Module + signatureCheckMiddleware gin.HandlerFunc } func (a *ActivityPub) Route(r router.Router, m ...gin.HandlerFunc) { @@ -43,25 +41,29 @@ func (a *ActivityPub) Route(r router.Router, m ...gin.HandlerFunc) { emojiGroup := r.AttachGroup("emoji") usersGroup := r.AttachGroup("users") - // instantiate + attach shared, non-global middlewares to both of these groups - var ( - signatureCheckMiddleware = middleware.SignatureCheck(a.isURIBlocked) - cacheControlMiddleware = middleware.CacheControl("no-store") - ) + // attach shared, non-global middlewares to both of these groups + cacheControlMiddleware := middleware.CacheControl("no-store") emojiGroup.Use(m...) usersGroup.Use(m...) - emojiGroup.Use(signatureCheckMiddleware, cacheControlMiddleware) - usersGroup.Use(signatureCheckMiddleware, cacheControlMiddleware) + emojiGroup.Use(a.signatureCheckMiddleware, cacheControlMiddleware) + usersGroup.Use(a.signatureCheckMiddleware, cacheControlMiddleware) a.emoji.Route(emojiGroup.Handle) a.users.Route(usersGroup.Handle) } +// Public key endpoint requires different middleware + cache policies from other AP endpoints. +func (a *ActivityPub) RoutePublicKey(r router.Router, m ...gin.HandlerFunc) { + publicKeyGroup := r.AttachGroup(publickey.PublicKeyPath) + publicKeyGroup.Use(a.signatureCheckMiddleware, middleware.CacheControl("public,max-age=604800")) + a.publicKey.Route(publicKeyGroup.Handle) +} + func NewActivityPub(db db.DB, p processing.Processor) *ActivityPub { return &ActivityPub{ - emoji: emoji.New(p), - users: users.New(p), - - isURIBlocked: db.IsURIBlocked, + emoji: emoji.New(p), + users: users.New(p), + publicKey: publickey.New(p), + signatureCheckMiddleware: middleware.SignatureCheck(db.IsURIBlocked), } } |