summaryrefslogtreecommitdiff
path: root/src/server/activitypub/inbox.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/activitypub/inbox.ts')
-rw-r--r--src/server/activitypub/inbox.ts42
1 files changed, 42 insertions, 0 deletions
diff --git a/src/server/activitypub/inbox.ts b/src/server/activitypub/inbox.ts
new file mode 100644
index 0000000000..9151297487
--- /dev/null
+++ b/src/server/activitypub/inbox.ts
@@ -0,0 +1,42 @@
+import * as bodyParser from 'body-parser';
+import * as express from 'express';
+import { parseRequest, verifySignature } from 'http-signature';
+import User, { IRemoteAccount } from '../../models/user';
+import queue from '../../queue';
+
+const app = express();
+app.disable('x-powered-by');
+app.use(bodyParser.json());
+
+app.post('/@:user/inbox', async (req, res) => {
+ let parsed;
+
+ try {
+ parsed = parseRequest(req);
+ } catch (exception) {
+ return res.sendStatus(401);
+ }
+
+ const user = await User.findOne({
+ host: { $ne: null },
+ 'account.publicKey.id': parsed.keyId
+ });
+
+ if (user === null) {
+ return res.sendStatus(401);
+ }
+
+ if (!verifySignature(parsed, (user.account as IRemoteAccount).publicKey.publicKeyPem)) {
+ return res.sendStatus(401);
+ }
+
+ queue.create('http', {
+ type: 'performActivityPub',
+ actor: user._id,
+ outbox: req.body,
+ }).save();
+
+ return res.status(202).end();
+});
+
+export default app;
generated by cgit v1.3.1-freya (git 2.54.0) at 2026-05-26 21:55:14 +0000