Provide WebFinger and actor info with RSA key for secure fetch

Lynne Megido 2020-03-18 16:41:32 +10:00
parent bd2b064153
commit 0c22c415b1
Signed by: lynnesbian
GPG Key ID: F0A184B5213D9F90
6 changed files with 90 additions and 12 deletions


@ -1,6 +1,7 @@
from bs4 import BeautifulSoup from bs4 import BeautifulSoup
import MySQLdb import MySQLdb
import markovify import markovify
from Crypto.PublicKey import RSA
from mastodon import Mastodon, MastodonUnauthorizedError from mastodon import Mastodon, MastodonUnauthorizedError
import html, re, json import html, re, json
@ -175,3 +176,29 @@ def make_post(args):
c.execute("UPDATE bots SET last_post = CURRENT_TIMESTAMP() WHERE handle = %s", (handle,)) c.execute("UPDATE bots SET last_post = CURRENT_TIMESTAMP() WHERE handle = %s", (handle,))
db.commit() db.commit()
c.close() c.close()
def get_key():
db = MySQLdb.connect(
host = cfg['db_host'],
user=cfg['db_user'],
passwd=cfg['db_pass'],
db=cfg['db_name']
)
dc = db.cursor(MySQLdb.cursors.DictCursor)
dc.execute("SELECT * FROM http_auth_key")
key = dc.fetchone()
if key == None:
# generate new key
key = {}
privkey = RSA.generate(4096)
key['private'] = privkey.exportKey('PEM').decode('utf-8')
key['public'] = privkey.publickey().exportKey('PEM').decode('utf-8')
dc.execute("INSERT INTO http_auth_key (private, public) VALUES (%s, %s)", (key['private'], key['public']))
dc.close()
db.commit()
return key
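Review bot: get_key() has a first-use race and nothing ties it to a single row: two concurrent requests to the unauthenticated /actor route that both see an empty `http_auth_key` will each run RSA.generate(4096) and each INSERT, and from then on `SELECT * FROM http_auth_key` with fetchone() returns whichever row the engine yields first, so the key published in the actor document need not be the one later used to sign requests. Generate the key once at startup (or inside a transaction against a table constrained to one row) instead of lazily from a request handler, and read it explicitly, e.g. `dc.execute("SELECT private, public FROM http_auth_key LIMIT 1")`. As rendered, `dc.close()` and `db.commit()` appear to sit inside the generate branch and `db` is never closed on either path, so every /actor hit that finds an existing key leaks a MySQL connection; close the cursor and connection in a `finally` (make_post just above closes only its cursor, so this is the file's convention, but the connection leak remains). Also `key == None` should be `key is None`, and the private key does not need to travel to the web layer at all when only the public half is rendered.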


@ -0,0 +1,24 @@
{
"@context": [
"https://www.w3.org/ns/activitystreams",
{
"manuallyApprovesFollowers": "as:manuallyApprovesFollowers"
}
],
"endpoints": {
"sharedInbox": "{{ base_uri }}/inbox"
},
"inbox": "{{ base_uri }}/inbox",
"name": "FediBooks",
"type": "Application",
"id": "{{ base_uri }}/actor",
"manuallyApprovesFollowers": true,
"publicKey": {
"id": "{{ base_uri }}/actor#main-key",
"owner": "{{ base_uri }}/actor",
"publicKeyPem": "{{ pubkey }}"
},
"summary": "FediBooks Actor",
"preferredUsername": "fedibooks",
"url": "{{ base_uri }}/actor"
}
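Review bot: `publicKeyPem` depends on the view pre-escaping the PEM's newlines by hand (`.replace("\n", "\\n")` in app.py) before the value is dropped into a quoted JSON string; any other character that needs escaping, or a change in how the key is stored, silently yields invalid JSON that remote servers will fail to parse during secure fetch. Let the template do the quoting: `"publicKeyPem": {{ pubkey|tojson }}` (drop the surrounding quotes and the manual replace). Flask does not autoescape `.json` templates, so this filter is the only escaping the value will get.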


@ -0,0 +1,13 @@
{
"aliases": [
"{{ base_uri }}/actor"
],
"links": [
{
"href": "{{ base_uri }}/actor",
"rel": "self",
"type": "application/activity+json"
}
],
"subject": "acct:fedibooks@{{ base_uri }}"
}
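Review bot: `subject` uses `base_uri` as a bare hostname, while the same variable is used as a URL prefix in `aliases` and `href` (`{{ base_uri }}/actor`); if it carries a scheme, the subject becomes `acct:fedibooks@https://example.org`, which is not a valid acct: URI and will not match the `resource` a remote server asked for. Pass the host separately, e.g. `"subject": "acct:fedibooks@{{ host }}"`, or strip the scheme in the view before rendering. Whether the configured base_uri includes a scheme is not visible in this commit — confirm against the config and its other uses.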


@ -32,7 +32,11 @@ scopes_pleroma = ['read', 'write', 'push']
@app.before_request @app.before_request
def login_check(): def login_check():
if request.path not in ['/', '/about', '/welcome', '/login', '/signup', '/do/login', '/do/signup'] and not request.path.startswith("/push") and not request.path.startswith('/static'): if request.path not in ['/', '/about', '/welcome', '/login', '/signup', '/do/login', '/do/signup'] \
and not request.path.startswith("/push") \
and not request.path.startswith('/static') \
and not request.path.startswith('/actor') \
and not request.path.startswith('/.well-known'):
# page requires authentication # page requires authentication
if 'user_id' not in session: if 'user_id' not in session:
return redirect(url_for('render_home')) return redirect(url_for('render_home'))
@ -370,9 +374,14 @@ def img_bot_generic():
def favicon(): def favicon():
return send_file("static/favicon.ico") return send_file("static/favicon.ico")
# @app.route("/.well-known/webfinger") @app.route("/.well-known/webfinger")
# def webfinger(): def webfinger():
# return render_template("webfinger.json", base_uri = cfg['base_uri']), 200, {'Content-type':'application/json'} return render_template("ap/webfinger.json", base_uri = cfg['base_uri']), 200, {'Content-type':'application/json'}
@app.route("/actor")
def actor():
pubkey = functions.get_key()['public'].replace("\n", "\\n")
return render_template("ap/actor.json", base_uri = cfg['base_uri'], pubkey = pubkey), 200, {'Content-type':'application/json'}
def bot_check(bot): def bot_check(bot):
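Review bot: webfinger() ignores the `resource` query parameter and returns the fedibooks JRD for every request, so a lookup for any `acct:` on this host — including accounts that do not exist — resolves to the application actor; compare `request.args.get('resource')` against the one acct: this server advertises and `abort(404)` otherwise. Both new routes answer with `Content-type: application/json`, whereas WebFinger is defined with `application/jrd+json` and ActivityPub actors with `application/activity+json` (or `application/ld+json; profile="https://www.w3.org/ns/activitystreams"`), and some remote implementations may reject the generic type. In actor() the PEM is JSON-escaped by hand with `.replace("\n", "\\n")`; rendering `{{ pubkey|tojson }}` in the template is the robust form. The added `startswith('/actor')` test in login_check also opens any future route beginning with `/actor…` without authentication, where an exact match on `/actor` would do. bot_check starts on the last line of this section and continues outside it.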


@ -8,13 +8,13 @@ CREATE TABLE IF NOT EXISTS `users` (
`submit` ENUM('always', 'once', 'never') DEFAULT 'once', `submit` ENUM('always', 'once', 'never') DEFAULT 'once',
`generation` ENUM('always', 'once', 'never') DEFAULT 'once', `generation` ENUM('always', 'once', 'never') DEFAULT 'once',
`reply` ENUM('always', 'once', 'never') DEFAULT 'once' `reply` ENUM('always', 'once', 'never') DEFAULT 'once'
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `credentials` ( CREATE TABLE IF NOT EXISTS `credentials` (
`id` INT AUTO_INCREMENT PRIMARY KEY, `id` INT AUTO_INCREMENT PRIMARY KEY,
`client_id` VARCHAR(128) NOT NULL, `client_id` VARCHAR(128) NOT NULL,
`client_secret` VARCHAR(128) NOT NULL, `client_secret` VARCHAR(128) NOT NULL,
`secret` VARCHAR(128) NOT NULL `secret` VARCHAR(128) NOT NULL
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `bots` ( CREATE TABLE IF NOT EXISTS `bots` (
`handle` VARCHAR(128) PRIMARY KEY, `handle` VARCHAR(128) PRIMARY KEY,
`user_id` INT NOT NULL, `user_id` INT NOT NULL,
@ -37,7 +37,7 @@ CREATE TABLE IF NOT EXISTS `bots` (
`icon_update_time` DATETIME DEFAULT '1000-01-01 00:00:00', `icon_update_time` DATETIME DEFAULT '1000-01-01 00:00:00',
FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE, FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE,
FOREIGN KEY (`credentials_id`) REFERENCES credentials(id) ON DELETE CASCADE FOREIGN KEY (`credentials_id`) REFERENCES credentials(id) ON DELETE CASCADE
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `fedi_accounts` ( CREATE TABLE IF NOT EXISTS `fedi_accounts` (
`handle` VARCHAR(128) PRIMARY KEY, `handle` VARCHAR(128) PRIMARY KEY,
`outbox` VARCHAR(256), `outbox` VARCHAR(256),
@ -45,14 +45,14 @@ CREATE TABLE IF NOT EXISTS `fedi_accounts` (
`icon` VARCHAR(512), `icon` VARCHAR(512),
`icon_update_time` DATETIME DEFAULT 0, `icon_update_time` DATETIME DEFAULT 0,
FOREIGN KEY (`credentials_id`) REFERENCES credentials(id) ON DELETE CASCADE FOREIGN KEY (`credentials_id`) REFERENCES credentials(id) ON DELETE CASCADE
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `bot_learned_accounts` ( CREATE TABLE IF NOT EXISTS `bot_learned_accounts` (
`bot_id` VARCHAR(128) NOT NULL, `bot_id` VARCHAR(128) NOT NULL,
`fedi_id` VARCHAR(128) NOT NULL, `fedi_id` VARCHAR(128) NOT NULL,
`enabled` BOOLEAN DEFAULT 1, `enabled` BOOLEAN DEFAULT 1,
FOREIGN KEY (`bot_id`) REFERENCES bots(handle) ON DELETE CASCADE, FOREIGN KEY (`bot_id`) REFERENCES bots(handle) ON DELETE CASCADE,
FOREIGN KEY (`fedi_id`) REFERENCES fedi_accounts(handle) ON DELETE CASCADE FOREIGN KEY (`fedi_id`) REFERENCES fedi_accounts(handle) ON DELETE CASCADE
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `posts` ( CREATE TABLE IF NOT EXISTS `posts` (
`id` BIGINT AUTO_INCREMENT PRIMARY KEY, `id` BIGINT AUTO_INCREMENT PRIMARY KEY,
`fedi_id` VARCHAR(128), `fedi_id` VARCHAR(128),
@ -60,14 +60,14 @@ CREATE TABLE IF NOT EXISTS `posts` (
`content` TEXT NOT NULL, `content` TEXT NOT NULL,
`cw` BOOLEAN NOT NULL, `cw` BOOLEAN NOT NULL,
FOREIGN KEY (`fedi_id`) REFERENCES fedi_accounts(handle) ON DELETE CASCADE FOREIGN KEY (`fedi_id`) REFERENCES fedi_accounts(handle) ON DELETE CASCADE
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `word_blacklist` ( CREATE TABLE IF NOT EXISTS `word_blacklist` (
`id` INT AUTO_INCREMENT PRIMARY KEY, `id` INT AUTO_INCREMENT PRIMARY KEY,
`bot_id` VARCHAR(128) NOT NULL, `bot_id` VARCHAR(128) NOT NULL,
`phrase` VARCHAR(128) NOT NULL, `phrase` VARCHAR(128) NOT NULL,
`whole_word` BOOLEAN NOT NULL, `whole_word` BOOLEAN NOT NULL,
FOREIGN KEY (`bot_id`) REFERENCES bots(handle) ON DELETE CASCADE FOREIGN KEY (`bot_id`) REFERENCES bots(handle) ON DELETE CASCADE
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `contact_history` ( CREATE TABLE IF NOT EXISTS `contact_history` (
`user_id` INT NOT NULL, `user_id` INT NOT NULL,
`fetch` BOOLEAN DEFAULT 0, `fetch` BOOLEAN DEFAULT 0,
@ -75,4 +75,8 @@ CREATE TABLE IF NOT EXISTS `contact_history` (
`generation` BOOLEAN DEFAULT 0, `generation` BOOLEAN DEFAULT 0,
`reply` BOOLEAN DEFAULT 0, `reply` BOOLEAN DEFAULT 0,
FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE
) ENGINE=INNODB; ) ENGINE = INNODB;
CREATE TABLE IF NOT EXISTS `http_auth_key` (
`private` TEXT NOT NULL,
`public` TEXT NOT NULL
) ENGINE = INNODB;
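Review bot: `http_auth_key` has no primary key or uniqueness constraint, so nothing in the schema prevents a second row from being inserted, and the reader (`SELECT * … fetchone()` in functions.py) then gets an unspecified one of them; give the table a key that admits only one row, e.g. `id TINYINT NOT NULL PRIMARY KEY` with the code always inserting and selecting `id = 1`, or at minimum `id INT AUTO_INCREMENT PRIMARY KEY` plus `ORDER BY id LIMIT 1` on the read side. The table also stores the server's private signing key in plaintext beside the public one; that matches how `credentials` stores client secrets here, but it means any read access to the database, backups included, yields the key that signs every outgoing secure-fetch request, which deserves a comment on the table such as `-- private: PEM RSA key used to sign outgoing HTTP requests; treat dumps of this table as secrets`. The remaining hunks in this file change whitespace only.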


@ -8,3 +8,4 @@ bcrypt == 3.1.7
requests==2.23.0 requests==2.23.0
http-ece==1.1.0 http-ece==1.1.0
cryptography==2.8 cryptography==2.8
pycryptodome==3.9.7
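Review bot: this adds a second cryptography library: `cryptography==2.8` is already pinned two lines above and can generate and PEM-serialize RSA keys (`rsa.generate_private_key` plus `private_bytes`/`public_bytes`), so `pycryptodome` widens the set of crypto dependencies to track for advisories without a functional gain. If pycryptodome stays, note that its `Crypto` import namespace collides with the unmaintained `pycrypto` package when both are installed; either document that pycrypto must not be present or depend on `pycryptodomex` and import from `Cryptodome` instead.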