diff options
Diffstat (limited to 'packages/backend/src/core')
| -rw-r--r-- | packages/backend/src/core/CreateSystemUserService.ts | 10 | ||||
| -rw-r--r-- | packages/backend/src/core/InstanceActorService.ts | 10 |
2 files changed, 9 insertions, 11 deletions
diff --git a/packages/backend/src/core/CreateSystemUserService.ts b/packages/backend/src/core/CreateSystemUserService.ts index d198707a42..a0aa6bad06 100644 --- a/packages/backend/src/core/CreateSystemUserService.ts +++ b/packages/backend/src/core/CreateSystemUserService.ts @@ -29,7 +29,7 @@ export class CreateSystemUserService { } @bindThis - public async createSystemUser(username: string, data?: Partial<MiUser>): Promise<MiUser> { + public async createSystemUser(username: string): Promise<MiUser> { const password = randomUUID(); // Generate hash of password @@ -63,7 +63,13 @@ export class CreateSystemUserService { isExplorable: false, approved: true, isBot: true, - ...(data ?? {}), + /* we always allow requests about our instance actor, because when + a remote instance needs to check our signature on a request we + sent, it will need to fetch information about the user that + signed it (which is our instance actor), and if we try to check + their signature on *that* request, we'll fetch *their* instance + actor... leading to an infinite recursion */ + allowUnsignedFetch: 'always', }).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0])); await transactionalEntityManager.insert(MiUserKeypair, { diff --git a/packages/backend/src/core/InstanceActorService.ts b/packages/backend/src/core/InstanceActorService.ts index 6c0e360588..22c47297a3 100644 --- a/packages/backend/src/core/InstanceActorService.ts +++ b/packages/backend/src/core/InstanceActorService.ts @@ -49,15 +49,7 @@ export class InstanceActorService { this.cache.set(user); return user; } else { - const created = await this.createSystemUserService.createSystemUser(ACTOR_USERNAME, { - /* we always allow requests about our instance actor, because when - a remote instance needs to check our signature on a request we - sent, it will need to fetch information about the user that - signed it (which is our instance actor), and if we try to check - their signature on *that* request, we'll fetch *their* instance - actor... leading to an infinite recursion */ - allowUnsignedFetch: 'always', - }) as MiLocalUser; + const created = await this.createSystemUserService.createSystemUser(ACTOR_USERNAME) as MiLocalUser; this.cache.set(created); return created; } |