foxhole/app/main.py

89 lines
2.5 KiB
Python
Raw Normal View History

2022-11-16 10:29:44 +01:00
#!/usr/bin/env python3
2023-03-17 09:49:09 +01:00
import logging
import sys
2022-11-16 10:29:44 +01:00
import fastapi
2023-03-17 09:49:09 +01:00
import httpx
import json
2022-11-16 10:29:44 +01:00
from fastapi import FastAPI
from fastapi import Depends
from fastapi import Request
from fastapi import Response
from fastapi.exceptions import HTTPException
from sqlalchemy.util import monkeypatch_proxied_specials
from starlette.responses import JSONResponse
from loguru import logger
2023-03-17 10:59:29 +01:00
from app import httpsig
from app.database import get_db_session
2023-03-17 10:59:29 +01:00
from app.config import DEBUG
from app.activitypub import ME
from app.config import BASE_URL
from app.config import DOMAIN
from app.config import ID
from app.config import USERNAME
from app.database import AsyncSession
from app.database import get_db_session
2023-03-17 10:59:29 +01:00
from app.boxes import save_incoming
2022-11-16 10:29:44 +01:00
def _check_0rtt_early_data(request: Request) -> None:
"""Disable TLS1.3 0-RTT requests for non-GET."""
if request.headers.get("Early-Data", None) == "1" and request.method != "GET":
raise fastapi.HTTPException(status_code=425, detail="Too early")
app = FastAPI(
docs_url=None, redoc_url=None, dependencies=[Depends(_check_0rtt_early_data)]
)
logger.remove()
logger.add(sys.stdout, level="DEBUG" if DEBUG else "INFO")
2022-11-16 10:29:44 +01:00
@app.get("/")
async def index():
return ME
@app.post("/inbox")
async def inbox(
request: Request,
db_session: AsyncSession = Depends(get_db_session),
2023-03-17 10:59:29 +01:00
httpsig_checker = Depends(httpsig.httpsig_checker),
) -> Response:
payload = await request.json()
2023-03-17 09:49:09 +01:00
2023-03-17 10:59:29 +01:00
if httpsig_checker:
await save_incoming(db_session, payload)
return Response(status_code=202)
else:
2023-03-17 10:59:29 +01:00
return Response(status_code=401)
@app.get("/.well-known/webfinger")
async def wellknown_webfinger(resource: str) -> JSONResponse:
"""Exposes/servers WebFinger data."""
if resource not in [f"acct:{USERNAME}@{DOMAIN}", ID]:
logger.info(f"Got invalid req for {resource}")
raise HTTPException(status_code=404)
out = {
"subject": f"acct:{USERNAME}@{DOMAIN}",
"aliases": [ID],
"links": [
{
"rel": "http://webfinger.net/rel/profile-page",
"type": "text/html",
"href": ID + "/",
},
{"rel": "self", "type": "application/activity+json", "href": ID},
{
"rel": "http://ostatus.org/schema/1.0/subscribe",
"template": BASE_URL + "/admin/lookup?query={uri}",
},
],
}
return JSONResponse(
out,
media_type="application/jrd+json; charset=utf-8",
headers={"Access-Control-Allow-Origin": "*"},
)