mirror/ditto
mirror/ditto
1
0
Fork 0
mirror of https://gitlab.com/soapbox-pub/ditto.git synced 2025-12-06 03:19:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow custom_emojis endpoint to be accessed without a user

Browse source
This commit is contained in:
Alex Gleason 2025-03-15 12:48:54 -05:00
parent d0d400901c
commit e5dd285e6b
No known key found for this signature in database
GPG key ID: 7211D1F99744FBB7
5 changed files with 34 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
packages/ditto/routes/customEmojisRoute.test.ts
View file

@ -10,6 +10,14 @@ Deno.test('customEmojisRoute', async (t) => {
await using test = new TestApp(route); await using test = new TestApp(route);
const { relay } = test.var; const { relay } = test.var;
await t.step('unauth', async () => {
const response = await test.api.get('/');
const body = await response.json();
assertEquals(response.status, 200);
assertEquals(body, []);
});
const sk = generateSecretKey(); const sk = generateSecretKey();
const user = test.user({ relay, signer: new NSecSigner(sk) }); const user = test.user({ relay, signer: new NSecSigner(sk) });
const pubkey = await user.signer.getPublicKey(); const pubkey = await user.signer.getPublicKey();

6
packages/ditto/routes/customEmojisRoute.ts
View file

@ -13,9 +13,13 @@ interface MastodonCustomEmoji {
category?: string; category?: string;
} }
route.get('/', userMiddleware(), async (c) => { route.get('/', userMiddleware({ required: false }), async (c) => {
const { user } = c.var; const { user } = c.var;
if (!user) {
return c.json([]);
}
const pubkey = await user.signer.getPublicKey(); const pubkey = await user.signer.getPublicKey();
const emojis = await getCustomEmojis(pubkey, c.var); const emojis = await getCustomEmojis(pubkey, c.var);

4
packages/ditto/utils/custom-emoji.ts
View file

@ -58,8 +58,7 @@ export async function getCustomEmojis(
const d = event.tags.find(([name]) => name === 'd')?.[1]; const d = event.tags.find(([name]) => name === 'd')?.[1];
for (const [t, shortcode, url] of event.tags) { for (const [t, shortcode, url] of event.tags) {
if (t === 'emoji') { if (t === 'emoji' && /^\w+$/.test(shortcode) && !emojis.has(shortcode)) {
if (!emojis.has(shortcode)) {
try { try {
emojis.set(shortcode, { url: new URL(url), category: d }); emojis.set(shortcode, { url: new URL(url), category: d });
} catch { } catch {
@ -68,7 +67,6 @@ export async function getCustomEmojis(
} }
} }
} }
}
return emojis; return emojis;
} }

12
packages/mastoapi/middleware/userMiddleware.test.ts
View file

@ -10,6 +10,18 @@ Deno.test('no user 401', async () => {
assertEquals(response.status, 401); assertEquals(response.status, 401);
}); });
Deno.test('no user required false', async () => {
await using app = new TestApp();
app
.use(userMiddleware({ required: false }))
.get('/', (c) => c.text('ok'));
const response = await app.request('/');
assertEquals(response.status, 200);
});
Deno.test('unsupported signer 400', async () => { Deno.test('unsupported signer 400', async () => {
await using app = new TestApp(); await using app = new TestApp();

6
packages/mastoapi/middleware/userMiddleware.ts
View file

@ -12,6 +12,7 @@ interface UserMiddlewareOpts {
enc?: 'nip04' | 'nip44'; enc?: 'nip04' | 'nip44';
role?: string; role?: string;
verify?: boolean; verify?: boolean;
required?: boolean;
} }
export function userMiddleware(): DittoMiddleware<{ user: User }>; export function userMiddleware(): DittoMiddleware<{ user: User }>;
@ -19,13 +20,14 @@ export function userMiddleware(): DittoMiddleware<{ user: User }>;
export function userMiddleware( export function userMiddleware(
opts: UserMiddlewareOpts & { enc: 'nip44' }, opts: UserMiddlewareOpts & { enc: 'nip44' },
): DittoMiddleware<{ user: User<Nip44Signer> }>; ): DittoMiddleware<{ user: User<Nip44Signer> }>;
export function userMiddleware(opts: UserMiddlewareOpts & { required: false }): DittoMiddleware<{ user?: User }>;
export function userMiddleware(opts: UserMiddlewareOpts): DittoMiddleware<{ user: User }>; export function userMiddleware(opts: UserMiddlewareOpts): DittoMiddleware<{ user: User }>;
export function userMiddleware(opts: UserMiddlewareOpts = {}): DittoMiddleware<{ user: User }> { export function userMiddleware(opts: UserMiddlewareOpts = {}): DittoMiddleware<{ user: User }> {
return async (c, next) => { return async (c, next) => {
const { conf, user, relay } = c.var; const { conf, user, relay } = c.var;
const { enc, role, verify } = opts; const { enc, role, verify, required = true } = opts;
if (!user) { if (!user && required) {
throw new HTTPException(401, { message: 'Authorization required' }); throw new HTTPException(401, { message: 'Authorization required' });
} }