From 42d8011ff4f10664a853c483685db8e97b7a3118 Mon Sep 17 00:00:00 2001
From: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>
Date: Tue, 21 Nov 2023 10:35:30 +0000
Subject: [chore/security] refactor AuthenticateFederatedRequest() to handle
 account deref + suspension checks (#2371)

* refactor AuthenticateFederatedRequest() to handle account suspension + fetching of owner

* small fixups

* small changes

* revert to 'IsEitherBlocked' instead of just 'IsBlocked" :grimace:

* update code comment to indicate that AuthenticateFederatedRequest() will handle account + instance dereferencing
---
 internal/federation/dereferencing/handshake.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'internal/federation/dereferencing')

diff --git a/internal/federation/dereferencing/handshake.go b/internal/federation/dereferencing/handshake.go
index 1180ff140..253c5f2da 100644
--- a/internal/federation/dereferencing/handshake.go
+++ b/internal/federation/dereferencing/handshake.go
@@ -38,8 +38,11 @@ func (d *Dereferencer) Handshaking(username string, remoteAccountID *url.URL) bo
 		return false
 	}
 
+	// Calculate remote account ID str once.
+	remoteIDStr := remoteAccountID.String()
+
 	for _, id := range remoteIDs {
-		if id.String() == remoteAccountID.String() {
+		if id.String() == remoteIDStr {
 			// We are currently handshaking
 			// with the remote account.
 			return true
-- 
cgit v1.3