danbarber/micropub
1
0
Fork 0
mirror of https://github.com/danbee/micropub.git synced 2025-03-04 08:59:13 +00:00
Code Issues Releases Wiki Activity

Properly authenticate the client

Browse Source
This commit is contained in:
Daniel Barber 2019-11-12 21:19:04 -05:00
parent d446ccd709
commit 9931199b8d
Signed by: danbarber
GPG Key ID: 931D8112E0103DD8
1 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/micropub/webserver.rb
View File

@ -10,13 +10,15 @@ module Micropub
github = Github.new github = Github.new
endpoints = Indieauth::Endpoints.new(ENV.fetch("SITE_URL"))
token = Indieauth::Token.new(endpoints.token_endpoint)
get '/' do get '/' do
"Hello, World!" "Hello, World!"
end end
get '/view-headers' do
content_type :text
json request.env
end
get "/micropub/main" do get "/micropub/main" do
json data: { json data: {
posts: github.posts posts: github.posts
@ -24,7 +26,7 @@ module Micropub
end end
post "/micropub/main" do post "/micropub/main" do
if token.validate(ENV.fetch("INDIEAUTH_TOKEN")) if valid_token?
post = Post.new(params) post = Post.new(params)
if github.post!(post) if github.post!(post)
@ -37,5 +39,17 @@ module Micropub
status 401 status 401
end end
end end
def valid_token?
token = Indieauth::Token.new(endpoints.token_endpoint)
auth_type, auth_token = request.env["HTTP_AUTHORIZATION"]&.split(" ")
auth_type == "Bearer" && token.validate(auth_token)
end
def endpoints
@_endpoints ||= Indieauth::Endpoints.new(ENV.fetch("SITE_URL"))
end
end end
end end