From 11d14f6dd8581715e5241f1fc780a14bf4cc40a2 Mon Sep 17 00:00:00 2001
From: Marc Coquand
Date: Sat, 2 Dec 2023 13:08:13 -0600
Subject: Add initial auth
---
 bin/main.ml | 32 +++++++++++++++++++++-----------
 1 file changed, 21 insertions(+), 11 deletions(-)
(limited to 'bin')
diff --git a/bin/main.ml b/bin/main.ml
index ef7d5fa..4d12cee 100644
--- a/bin/main.ml
+++ b/bin/main.ml
@@ -54,8 +54,6 @@ let actor =
 }
 |}
 
-let header_concat (a, b) = a ^ ": " ^ b
-
 let () =
 Post.add fake_post;
 Post.add fake_post_2;
@@ -83,9 +81,8 @@ let () =
 Dream.post "/inbox" (fun request ->
 let%lwt body = Dream.body request in
 Dream.log "Got body: %s" body;
- let headers = Dream.all_headers request in
- Dream.log "Got headers: %s"
- (String.concat " " (List.map header_concat headers));
+ let signature = Dream.headers request "signature" in
+ Dream.log "Got signature: %s" (String.concat " " signature);
 let message_object =
 Yojson.Safe.from_string body |> Post.mastodon_post_of_yojson
 in
@@ -99,10 +96,23 @@ let () =
 Dream.json ?code "User not found"
 | Ok actor ->
 Dream.log "User found";
- message_object
- |> Post.post_of_mastodon_post (User.name actor)
- |> Post.add;
- message_object |> Post.yojson_of_mastodon_post
- |> Yojson.Safe.to_string |> Dream.log "Added post %s";
- Dream.json "{}");
+ let pem = User.get_public_pem actor |> Result.to_option in
+ let%lwt valid_request = Sig.verify_request pem request in
+ (match valid_request with
+ | Error e ->
+ Dream.log "Error verifying request %s"
+ Printexc.(to_string e);
+ let code = Some 500 in
+ Dream.json ?code "Invalid request"
+ | Ok false ->
+ Dream.log "Unauthorized request";
+ let code = Some 501 in
+ Dream.json ?code "Unauthorized"
+ | Ok true ->
+ message_object
+ |> Post.post_of_mastodon_post (User.name actor)
+ |> Post.add;
+ message_object |> Post.yojson_of_mastodon_post
+ |> Yojson.Safe.to_string |> Dream.log "Added post %s";
+ Dream.json "Added user"));
 ]
-- 
cgit v1.2.3
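Review bot: A request with no `Signature` header is not rejected at the new `Dream.headers request "signature"` line in the `@@ -83,9 +81,8 @@` hunk; the empty list is only logged as an empty string, and the handler goes on to decode the body before the signature check added in the `@@ -99,10 +96,23 @@` hunk runs. Rejecting early keeps unauthenticated input away from `Yojson.Safe.from_string`, which raises on malformed JSON; for example `if signature = [] then Dream.json ~code:401 "{}" else` placed ahead of the decode. `Dream.headers` also returns every value when the header is repeated, and how `Sig.verify_request` treats more than one value is not visible here, so refusing anything other than exactly one value would remove that ambiguity. The handler's body starts and ends outside this hunk.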
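Review bot: Both rejection branches in the `@@ -99,10 +96,23 @@` hunk answer with 5xx codes: `Ok false` returns 501 (Not Implemented) and `Error e` returns 500, so a request with a bad signature looks like a server fault to the sender and to monitoring, and a federating peer may retry it. A failed verification is a client authentication failure, so `let code = Some 401 in` fits the `Ok false` branch; the `Error` branch should stay 500 only if `Sig.verify_request` reserves `Error` for server-side faults rather than malformed signatures, which this hunk does not show. Separately, `Result.to_option` discards the reason `User.get_public_pem` failed, and whether a `None` key makes the verifier return `Ok false` cannot be confirmed from here; logging that error and rejecting explicitly before calling `Sig.verify_request` would make the missing-key case fail closed by construction. The handler's body starts outside the hunk.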