diff --git a/app/utils/precheck.py b/app/utils/precheck.py index d499360..b1124e1 100644 --- a/app/utils/precheck.py +++ b/app/utils/precheck.py @@ -1,11 +1,10 @@ #!/usr/bin/env python3 import fastapi import json -import httpx from loguru import logger from app.httpsig import HttpSignature -from app.config import AP_CONTENT_TYPE, USER_AGENT +from app import ldsig from app.database import AsyncSession from app.database import get_db_session @@ -16,7 +15,7 @@ from sqlalchemy import select async def inbox_prechecker( request : fastapi.Request, db_session : AsyncSession = fastapi.Depends(get_db_session) -) -> bool : +) -> bool: """ Check http request """ @@ -58,6 +57,11 @@ async def inbox_prechecker( logger.exception("Failed to precheck delete activity") actor_id = payload["actor"] + send_actor_id = parsec_signature["keyid"].split('#')[0] + + if actor_id != send_actor_id: + return await ldsig.verify_signature(db_session, payload) + _actor = await fetch_actor(db_session, actor_id) try: