add app_token verification, add config, syndicate query #98
4 changed files with 57 additions and 5 deletions
|
@ -255,6 +255,10 @@ defmodule Chiya.Accounts do
|
||||||
Repo.insert(changeset)
|
Repo.insert(changeset)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def get_app_token(app_name, context) do
|
||||||
|
Repo.one(UserToken.app_name_and_context_query(app_name, context))
|
||||||
|
end
|
||||||
|
|
||||||
def delete_app_token(id) do
|
def delete_app_token(id) do
|
||||||
Repo.delete(Repo.get(UserToken, id))
|
Repo.delete(Repo.get(UserToken, id))
|
||||||
end
|
end
|
||||||
|
|
|
@ -184,6 +184,10 @@ defmodule Chiya.Accounts.UserToken do
|
||||||
from UserToken, where: [token: ^token, context: ^context]
|
from UserToken, where: [token: ^token, context: ^context]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def app_name_and_context_query(app_name, context) do
|
||||||
|
from UserToken, where: [sent_to: ^app_name, context: ^context]
|
||||||
|
end
|
||||||
|
|
||||||
@doc """
|
@doc """
|
||||||
Gets all tokens for the given user for the given contexts.
|
Gets all tokens for the given user for the given contexts.
|
||||||
"""
|
"""
|
||||||
|
|
|
@ -10,7 +10,7 @@ defmodule ChiyaWeb.Indie.MicropubHandler do
|
||||||
dbg(properties)
|
dbg(properties)
|
||||||
dbg(type)
|
dbg(type)
|
||||||
|
|
||||||
with :ok <- Token.verify(access_token, "create", get_hostname()),
|
with :ok <- verify_token(access_token),
|
||||||
{:ok, post_type} <- Props.get_post_type(properties),
|
{:ok, post_type} <- Props.get_post_type(properties),
|
||||||
{:ok, note_attrs} <- get_attrs(type, post_type, properties),
|
{:ok, note_attrs} <- get_attrs(type, post_type, properties),
|
||||||
{:ok, note} <- Chiya.Notes.create_note(note_attrs) do
|
{:ok, note} <- Chiya.Notes.create_note(note_attrs) do
|
||||||
|
@ -51,12 +51,57 @@ defmodule ChiyaWeb.Indie.MicropubHandler do
|
||||||
|
|
||||||
@impl true
|
@impl true
|
||||||
def handle_config_query(_access_token) do
|
def handle_config_query(_access_token) do
|
||||||
{:error, :insufficient_scope}
|
channels = Chiya.Channels.list_channels()
|
||||||
|
|
||||||
|
{:ok,
|
||||||
|
%{
|
||||||
|
"destination" => [],
|
||||||
|
"post-types" => [],
|
||||||
|
"channels" =>
|
||||||
|
Enum.map(channels, fn c ->
|
||||||
|
%{
|
||||||
|
uid: c.slug,
|
||||||
|
name: c.name
|
||||||
|
}
|
||||||
|
end)
|
||||||
|
}}
|
||||||
end
|
end
|
||||||
|
|
||||||
@impl true
|
@impl true
|
||||||
def handle_syndicate_to_query(_access_token) do
|
def handle_syndicate_to_query(_access_token) do
|
||||||
{:error, :insufficient_scope}
|
{:ok, %{"syndicate-to" => []}}
|
||||||
|
end
|
||||||
|
|
||||||
|
defp verify_token(access_token) do
|
||||||
|
Enum.reduce_while([&verify_app_token/1, &verify_micropub_token/1], nil, fn fun, result ->
|
||||||
|
case fun.(access_token) do
|
||||||
|
:ok -> {:halt, :ok}
|
||||||
|
error -> {:cont, error}
|
||||||
|
end
|
||||||
|
end)
|
||||||
|
end
|
||||||
|
|
||||||
|
defp verify_micropub_token(access_token) do
|
||||||
|
Token.verify(access_token, "create", get_hostname())
|
||||||
|
end
|
||||||
|
|
||||||
|
defp verify_app_token(access_token) do
|
||||||
|
token = Chiya.Accounts.get_app_token("obsidian", "app")
|
||||||
|
|
||||||
|
if not is_nil(token) do
|
||||||
|
token_string =
|
||||||
|
token.token
|
||||||
|
|> :crypto.bytes_to_integer()
|
||||||
|
|> to_string()
|
||||||
|
|
||||||
|
if token_string == access_token do
|
||||||
|
:ok
|
||||||
|
else
|
||||||
|
{:error, :insufficient_scope, "Could not verify app token"}
|
||||||
|
end
|
||||||
|
else
|
||||||
|
{:error, :insufficient_scope, "Could not verify app token"}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp get_attrs(type, post_type, properties) do
|
defp get_attrs(type, post_type, properties) do
|
||||||
|
@ -85,7 +130,6 @@ defmodule ChiyaWeb.Indie.MicropubHandler do
|
||||||
tags_string: tags,
|
tags_string: tags,
|
||||||
published_at: published_at
|
published_at: published_at
|
||||||
}}
|
}}
|
||||||
|> dbg()
|
|
||||||
end
|
end
|
||||||
|
|
||||||
defp get_hostname(),
|
defp get_hostname(),
|
||||||
|
|
Loading…
Reference in a new issue