yetangitu/funkwhale
1
0
Fork 0
mirror of https://code.eliotberriot.com/funkwhale/funkwhale.git synced 2025-10-03 23:59:15 +02:00
Code Issues Releases Wiki Activity

Avoid fetching Actor object on every request authentication

Browse source
This commit is contained in:
Eliot Berriot 2018-04-28 00:25:47 +02:00
parent e0fce26820
commit 6dcde77b1e
No known key found for this signature in database
GPG key ID: DD6965E2476E5C27
8 changed files with 63 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

17
api/funkwhale_api/federation/authentication.py
View file

@ -25,28 +25,19 @@ class SignatureAuthentication(authentication.BaseAuthentication):
raise exceptions.AuthenticationFailed(str(e))
try:
actor_data = actors.get_actor_data(key_id)
actor = actors.get_actor(key_id.split('#')[0])
except Exception as e:
raise exceptions.AuthenticationFailed(str(e))
try:
public_key = actor_data['publicKey']['publicKeyPem']
except KeyError:
if not actor.public_key:
raise exceptions.AuthenticationFailed('No public key found')
serializer = serializers.ActorSerializer(data=actor_data)
if not serializer.is_valid():
raise exceptions.AuthenticationFailed('Invalid actor payload: {}'.format(serializer.errors))
try:
signing.verify_django(request, public_key.encode('utf-8'))
signing.verify_django(request, actor.public_key.encode('utf-8'))
except cryptography.exceptions.InvalidSignature:
raise exceptions.AuthenticationFailed('Invalid signature')
try:
return models.Actor.objects.get(url=actor_data['id'])
except models.Actor.DoesNotExist:
return serializer.save()
return actor
def authenticate(self, request):
setattr(request, 'actor', None)