inhji/chiya
inhji/chiya
1
1
Fork 0
Code Issues 8 Pull requests 9 Activity

add app_token verification, add config, syndicate query

Browse source
This commit is contained in:
Inhji 2023-06-08 09:06:16 +02:00
parent 1b6f7fe039
commit f4cb262310
4 changed files with 57 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/chiya/accounts.ex
View file

@ -255,6 +255,10 @@ defmodule Chiya.Accounts do
Repo.insert(changeset) Repo.insert(changeset)
end end
def get_app_token(app_name, context) do
Repo.one(UserToken.app_name_and_context_query(app_name, context))
end
def delete_app_token(id) do def delete_app_token(id) do
Repo.delete(Repo.get(UserToken, id)) Repo.delete(Repo.get(UserToken, id))
end end

4
lib/chiya/accounts/user_token.ex
View file

@ -184,6 +184,10 @@ defmodule Chiya.Accounts.UserToken do
from UserToken, where: [token: ^token, context: ^context] from UserToken, where: [token: ^token, context: ^context]
end end
def app_name_and_context_query(app_name, context) do
from UserToken, where: [sent_to: ^app_name, context: ^context]
end
@doc """ @doc """
Gets all tokens for the given user for the given contexts. Gets all tokens for the given user for the given contexts.
""" """

2
lib/chiya_web/controllers/token_controller.ex
View file

@ -38,7 +38,7 @@ defmodule ChiyaWeb.TokenController do
end end
def delete(conn, %{"id" => id}) do def delete(conn, %{"id" => id}) do
{:ok, _token} = Chiya.Accounts.delete_app_token(id) {:ok, _token} = Chiya.Accounts.delete_app_token(id)
conn conn
|> put_flash(:info, "Token deleted successfully.") |> put_flash(:info, "Token deleted successfully.")

52
lib/chiya_web/indie/micropub_handler.ex
View file

@ -10,7 +10,7 @@ defmodule ChiyaWeb.Indie.MicropubHandler do
dbg(properties) dbg(properties)
dbg(type) dbg(type)
with :ok <- Token.verify(access_token, "create", get_hostname()), with :ok <- verify_token(access_token),
{:ok, post_type} <- Props.get_post_type(properties), {:ok, post_type} <- Props.get_post_type(properties),
{:ok, note_attrs} <- get_attrs(type, post_type, properties), {:ok, note_attrs} <- get_attrs(type, post_type, properties),
{:ok, note} <- Chiya.Notes.create_note(note_attrs) do {:ok, note} <- Chiya.Notes.create_note(note_attrs) do
@ -51,12 +51,57 @@ defmodule ChiyaWeb.Indie.MicropubHandler do
@impl true @impl true
def handle_config_query(_access_token) do def handle_config_query(_access_token) do
{:error, :insufficient_scope} channels = Chiya.Channels.list_channels()
{:ok,
%{
"destination" => [],
"post-types" => [],
"channels" =>
Enum.map(channels, fn c ->
%{
uid: c.slug,
name: c.name
}
end)
}}
end end
@impl true @impl true
def handle_syndicate_to_query(_access_token) do def handle_syndicate_to_query(_access_token) do
{:error, :insufficient_scope} {:ok, %{"syndicate-to" => []}}
end
defp verify_token(access_token) do
Enum.reduce_while([&verify_app_token/1, &verify_micropub_token/1], nil, fn fun, result ->
case fun.(access_token) do
:ok -> {:halt, :ok}
error -> {:cont, error}
end
end)
end
defp verify_micropub_token(access_token) do
Token.verify(access_token, "create", get_hostname())
end
defp verify_app_token(access_token) do
token = Chiya.Accounts.get_app_token("obsidian", "app")
if not is_nil(token) do
token_string =
token.token
|> :crypto.bytes_to_integer()
|> to_string()
if token_string == access_token do
:ok
else
{:error, :insufficient_scope, "Could not verify app token"}
end
else
{:error, :insufficient_scope, "Could not verify app token"}
end
end end
defp get_attrs(type, post_type, properties) do defp get_attrs(type, post_type, properties) do
@ -85,7 +130,6 @@ defmodule ChiyaWeb.Indie.MicropubHandler do
tags_string: tags, tags_string: tags,
published_at: published_at published_at: published_at
}} }}
|> dbg()
end end
defp get_hostname(), defp get_hostname(),