end
def webfinger
- @account = Account.find_by!(username: username_from_resource, domain: nil)
+ @account = Account.find_local!(username_from_resource)
@canonical_account_uri = "acct:#{@account.username}@#{Rails.configuration.x.local_domain}"
@magic_key = pem_to_magic_key(@account.keypair.public_key)
rescue ActiveRecord::RecordNotFound
end
def username_from_resource
- if params[:resource].start_with?('acct:')
- params[:resource].split('@').first.gsub('acct:', '')
+ if resource_param.start_with?('acct:')
+ resource_param.split('@').first.gsub('acct:', '')
else
- url = Addressable::URI.parse(params[:resource])
+ url = Addressable::URI.parse(resource_param)
url.path.gsub('/users/', '')
end
end
(["RSA"] + [modulus, exponent].map { |n| Base64.urlsafe_encode64(n) }).join('.')
end
+
+ def resource_param
+ params.require(:resource)
+ end
end
class Account < ActiveRecord::Base
# Local users
has_one :user, inverse_of: :account
- validates :username, uniqueness: { scope: :domain }
+ validates :username, uniqueness: { scope: :domain, case_sensitive: false }
# Avatar upload
attr_reader :avatar_remote_url
self.username
end
+ def self.find_local!(username)
+ table = self.arel_table
+ self.where(table[:username].matches(username)).where(domain: nil).take!
+ end
+
before_create do
if local?
keypair = OpenSSL::PKey::RSA.new(Rails.env.test? ? 1024 : 2048)
# Access token expiration time (default 2 hours).
# If you want to disable expiration, set this to nil.
- # access_token_expires_in nil
+ access_token_expires_in nil
# Assign a custom TTL for implicit grants.
# custom_access_token_expires_in do |oauth_client|
cat aescling's git repositories / mastodon.git / commitdiff