Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-02 20:16:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: track incoming requests by id, analytics increment for some metrics, ignore repeated requests by id

Browse Source 
closes #12574
This commit is contained in:
Julian Lam
2024-05-14 12:06:59 -04:00
parent b106a6a018
commit 4e9cd8efc0
5 changed files with 185 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/middleware/activitypub.js
View File

@@ -32,6 +32,22 @@ middleware.assertS2S = async function (req, res, next) {
middleware.validate = async function (req, res, next) {
winston.verbose('[middleware/activitypub] Validating incoming payload...');
// Sanity-check payload schema
const required = ['id', 'type', 'actor', 'object'];
if (!required.every(prop => req.body.hasOwnProperty(prop))) {
winston.verbose('[middleware/activitypub] Request body missing required properties.');
return res.sendStatus(400);
}
winston.verbose('[middleware/activitypub] Request body check passed.');
// History check
const seen = await db.isSortedSetMember('activities:datetime', req.body.id);
if (seen) {
winston.verbose(`[middleware/activitypub] Activity already seen, ignoring (${req.body.id}).`);
return res.sendStatus(200);
}
// Checks the validity of the incoming payload against the sender and rejects on failure
const verified = await activitypub.verify(req);
if (!verified) {
@@ -40,14 +56,6 @@ middleware.validate = async function (req, res, next) {
}
winston.verbose('[middleware/activitypub] HTTP signature verification passed.');
// Sanity-check payload schema
const required = ['type', 'actor', 'object'];
if (!required.every(prop => req.body.hasOwnProperty(prop))) {
winston.verbose('[middleware/activitypub] Request body missing required properties.');
return res.sendStatus(400);
}
winston.verbose('[middleware/activitypub] Request body check passed.');
let { actor, object } = req.body;
// Actor normalization