mirror of
https://git.sr.ht/~tsileo/microblog.pub
synced 2024-12-21 12:44:27 +00:00
Initial commit for new v2
This commit is contained in:
commit
d528369954
63 changed files with 7961 additions and 0 deletions
4
.flake8
Normal file
4
.flake8
Normal file
|
@ -0,0 +1,4 @@
|
|||
[flake8]
|
||||
max-line-length = 88
|
||||
extend-ignore = E203
|
||||
exclude = alembic/versions
|
4
.gitignore
vendored
Normal file
4
.gitignore
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
*.db
|
||||
__pycache__/
|
||||
.mypy_cache/
|
||||
.pytest_cache/
|
661
LICENSE
Normal file
661
LICENSE
Normal file
|
@ -0,0 +1,661 @@
|
|||
GNU AFFERO GENERAL PUBLIC LICENSE
|
||||
Version 3, 19 November 2007
|
||||
|
||||
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
Preamble
|
||||
|
||||
The GNU Affero General Public License is a free, copyleft license for
|
||||
software and other kinds of works, specifically designed to ensure
|
||||
cooperation with the community in the case of network server software.
|
||||
|
||||
The licenses for most software and other practical works are designed
|
||||
to take away your freedom to share and change the works. By contrast,
|
||||
our General Public Licenses are intended to guarantee your freedom to
|
||||
share and change all versions of a program--to make sure it remains free
|
||||
software for all its users.
|
||||
|
||||
When we speak of free software, we are referring to freedom, not
|
||||
price. Our General Public Licenses are designed to make sure that you
|
||||
have the freedom to distribute copies of free software (and charge for
|
||||
them if you wish), that you receive source code or can get it if you
|
||||
want it, that you can change the software or use pieces of it in new
|
||||
free programs, and that you know you can do these things.
|
||||
|
||||
Developers that use our General Public Licenses protect your rights
|
||||
with two steps: (1) assert copyright on the software, and (2) offer
|
||||
you this License which gives you legal permission to copy, distribute
|
||||
and/or modify the software.
|
||||
|
||||
A secondary benefit of defending all users' freedom is that
|
||||
improvements made in alternate versions of the program, if they
|
||||
receive widespread use, become available for other developers to
|
||||
incorporate. Many developers of free software are heartened and
|
||||
encouraged by the resulting cooperation. However, in the case of
|
||||
software used on network servers, this result may fail to come about.
|
||||
The GNU General Public License permits making a modified version and
|
||||
letting the public access it on a server without ever releasing its
|
||||
source code to the public.
|
||||
|
||||
The GNU Affero General Public License is designed specifically to
|
||||
ensure that, in such cases, the modified source code becomes available
|
||||
to the community. It requires the operator of a network server to
|
||||
provide the source code of the modified version running there to the
|
||||
users of that server. Therefore, public use of a modified version, on
|
||||
a publicly accessible server, gives the public access to the source
|
||||
code of the modified version.
|
||||
|
||||
An older license, called the Affero General Public License and
|
||||
published by Affero, was designed to accomplish similar goals. This is
|
||||
a different license, not a version of the Affero GPL, but Affero has
|
||||
released a new version of the Affero GPL which permits relicensing under
|
||||
this license.
|
||||
|
||||
The precise terms and conditions for copying, distribution and
|
||||
modification follow.
|
||||
|
||||
TERMS AND CONDITIONS
|
||||
|
||||
0. Definitions.
|
||||
|
||||
"This License" refers to version 3 of the GNU Affero General Public License.
|
||||
|
||||
"Copyright" also means copyright-like laws that apply to other kinds of
|
||||
works, such as semiconductor masks.
|
||||
|
||||
"The Program" refers to any copyrightable work licensed under this
|
||||
License. Each licensee is addressed as "you". "Licensees" and
|
||||
"recipients" may be individuals or organizations.
|
||||
|
||||
To "modify" a work means to copy from or adapt all or part of the work
|
||||
in a fashion requiring copyright permission, other than the making of an
|
||||
exact copy. The resulting work is called a "modified version" of the
|
||||
earlier work or a work "based on" the earlier work.
|
||||
|
||||
A "covered work" means either the unmodified Program or a work based
|
||||
on the Program.
|
||||
|
||||
To "propagate" a work means to do anything with it that, without
|
||||
permission, would make you directly or secondarily liable for
|
||||
infringement under applicable copyright law, except executing it on a
|
||||
computer or modifying a private copy. Propagation includes copying,
|
||||
distribution (with or without modification), making available to the
|
||||
public, and in some countries other activities as well.
|
||||
|
||||
To "convey" a work means any kind of propagation that enables other
|
||||
parties to make or receive copies. Mere interaction with a user through
|
||||
a computer network, with no transfer of a copy, is not conveying.
|
||||
|
||||
An interactive user interface displays "Appropriate Legal Notices"
|
||||
to the extent that it includes a convenient and prominently visible
|
||||
feature that (1) displays an appropriate copyright notice, and (2)
|
||||
tells the user that there is no warranty for the work (except to the
|
||||
extent that warranties are provided), that licensees may convey the
|
||||
work under this License, and how to view a copy of this License. If
|
||||
the interface presents a list of user commands or options, such as a
|
||||
menu, a prominent item in the list meets this criterion.
|
||||
|
||||
1. Source Code.
|
||||
|
||||
The "source code" for a work means the preferred form of the work
|
||||
for making modifications to it. "Object code" means any non-source
|
||||
form of a work.
|
||||
|
||||
A "Standard Interface" means an interface that either is an official
|
||||
standard defined by a recognized standards body, or, in the case of
|
||||
interfaces specified for a particular programming language, one that
|
||||
is widely used among developers working in that language.
|
||||
|
||||
The "System Libraries" of an executable work include anything, other
|
||||
than the work as a whole, that (a) is included in the normal form of
|
||||
packaging a Major Component, but which is not part of that Major
|
||||
Component, and (b) serves only to enable use of the work with that
|
||||
Major Component, or to implement a Standard Interface for which an
|
||||
implementation is available to the public in source code form. A
|
||||
"Major Component", in this context, means a major essential component
|
||||
(kernel, window system, and so on) of the specific operating system
|
||||
(if any) on which the executable work runs, or a compiler used to
|
||||
produce the work, or an object code interpreter used to run it.
|
||||
|
||||
The "Corresponding Source" for a work in object code form means all
|
||||
the source code needed to generate, install, and (for an executable
|
||||
work) run the object code and to modify the work, including scripts to
|
||||
control those activities. However, it does not include the work's
|
||||
System Libraries, or general-purpose tools or generally available free
|
||||
programs which are used unmodified in performing those activities but
|
||||
which are not part of the work. For example, Corresponding Source
|
||||
includes interface definition files associated with source files for
|
||||
the work, and the source code for shared libraries and dynamically
|
||||
linked subprograms that the work is specifically designed to require,
|
||||
such as by intimate data communication or control flow between those
|
||||
subprograms and other parts of the work.
|
||||
|
||||
The Corresponding Source need not include anything that users
|
||||
can regenerate automatically from other parts of the Corresponding
|
||||
Source.
|
||||
|
||||
The Corresponding Source for a work in source code form is that
|
||||
same work.
|
||||
|
||||
2. Basic Permissions.
|
||||
|
||||
All rights granted under this License are granted for the term of
|
||||
copyright on the Program, and are irrevocable provided the stated
|
||||
conditions are met. This License explicitly affirms your unlimited
|
||||
permission to run the unmodified Program. The output from running a
|
||||
covered work is covered by this License only if the output, given its
|
||||
content, constitutes a covered work. This License acknowledges your
|
||||
rights of fair use or other equivalent, as provided by copyright law.
|
||||
|
||||
You may make, run and propagate covered works that you do not
|
||||
convey, without conditions so long as your license otherwise remains
|
||||
in force. You may convey covered works to others for the sole purpose
|
||||
of having them make modifications exclusively for you, or provide you
|
||||
with facilities for running those works, provided that you comply with
|
||||
the terms of this License in conveying all material for which you do
|
||||
not control copyright. Those thus making or running the covered works
|
||||
for you must do so exclusively on your behalf, under your direction
|
||||
and control, on terms that prohibit them from making any copies of
|
||||
your copyrighted material outside their relationship with you.
|
||||
|
||||
Conveying under any other circumstances is permitted solely under
|
||||
the conditions stated below. Sublicensing is not allowed; section 10
|
||||
makes it unnecessary.
|
||||
|
||||
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
|
||||
|
||||
No covered work shall be deemed part of an effective technological
|
||||
measure under any applicable law fulfilling obligations under article
|
||||
11 of the WIPO copyright treaty adopted on 20 December 1996, or
|
||||
similar laws prohibiting or restricting circumvention of such
|
||||
measures.
|
||||
|
||||
When you convey a covered work, you waive any legal power to forbid
|
||||
circumvention of technological measures to the extent such circumvention
|
||||
is effected by exercising rights under this License with respect to
|
||||
the covered work, and you disclaim any intention to limit operation or
|
||||
modification of the work as a means of enforcing, against the work's
|
||||
users, your or third parties' legal rights to forbid circumvention of
|
||||
technological measures.
|
||||
|
||||
4. Conveying Verbatim Copies.
|
||||
|
||||
You may convey verbatim copies of the Program's source code as you
|
||||
receive it, in any medium, provided that you conspicuously and
|
||||
appropriately publish on each copy an appropriate copyright notice;
|
||||
keep intact all notices stating that this License and any
|
||||
non-permissive terms added in accord with section 7 apply to the code;
|
||||
keep intact all notices of the absence of any warranty; and give all
|
||||
recipients a copy of this License along with the Program.
|
||||
|
||||
You may charge any price or no price for each copy that you convey,
|
||||
and you may offer support or warranty protection for a fee.
|
||||
|
||||
5. Conveying Modified Source Versions.
|
||||
|
||||
You may convey a work based on the Program, or the modifications to
|
||||
produce it from the Program, in the form of source code under the
|
||||
terms of section 4, provided that you also meet all of these conditions:
|
||||
|
||||
a) The work must carry prominent notices stating that you modified
|
||||
it, and giving a relevant date.
|
||||
|
||||
b) The work must carry prominent notices stating that it is
|
||||
released under this License and any conditions added under section
|
||||
7. This requirement modifies the requirement in section 4 to
|
||||
"keep intact all notices".
|
||||
|
||||
c) You must license the entire work, as a whole, under this
|
||||
License to anyone who comes into possession of a copy. This
|
||||
License will therefore apply, along with any applicable section 7
|
||||
additional terms, to the whole of the work, and all its parts,
|
||||
regardless of how they are packaged. This License gives no
|
||||
permission to license the work in any other way, but it does not
|
||||
invalidate such permission if you have separately received it.
|
||||
|
||||
d) If the work has interactive user interfaces, each must display
|
||||
Appropriate Legal Notices; however, if the Program has interactive
|
||||
interfaces that do not display Appropriate Legal Notices, your
|
||||
work need not make them do so.
|
||||
|
||||
A compilation of a covered work with other separate and independent
|
||||
works, which are not by their nature extensions of the covered work,
|
||||
and which are not combined with it such as to form a larger program,
|
||||
in or on a volume of a storage or distribution medium, is called an
|
||||
"aggregate" if the compilation and its resulting copyright are not
|
||||
used to limit the access or legal rights of the compilation's users
|
||||
beyond what the individual works permit. Inclusion of a covered work
|
||||
in an aggregate does not cause this License to apply to the other
|
||||
parts of the aggregate.
|
||||
|
||||
6. Conveying Non-Source Forms.
|
||||
|
||||
You may convey a covered work in object code form under the terms
|
||||
of sections 4 and 5, provided that you also convey the
|
||||
machine-readable Corresponding Source under the terms of this License,
|
||||
in one of these ways:
|
||||
|
||||
a) Convey the object code in, or embodied in, a physical product
|
||||
(including a physical distribution medium), accompanied by the
|
||||
Corresponding Source fixed on a durable physical medium
|
||||
customarily used for software interchange.
|
||||
|
||||
b) Convey the object code in, or embodied in, a physical product
|
||||
(including a physical distribution medium), accompanied by a
|
||||
written offer, valid for at least three years and valid for as
|
||||
long as you offer spare parts or customer support for that product
|
||||
model, to give anyone who possesses the object code either (1) a
|
||||
copy of the Corresponding Source for all the software in the
|
||||
product that is covered by this License, on a durable physical
|
||||
medium customarily used for software interchange, for a price no
|
||||
more than your reasonable cost of physically performing this
|
||||
conveying of source, or (2) access to copy the
|
||||
Corresponding Source from a network server at no charge.
|
||||
|
||||
c) Convey individual copies of the object code with a copy of the
|
||||
written offer to provide the Corresponding Source. This
|
||||
alternative is allowed only occasionally and noncommercially, and
|
||||
only if you received the object code with such an offer, in accord
|
||||
with subsection 6b.
|
||||
|
||||
d) Convey the object code by offering access from a designated
|
||||
place (gratis or for a charge), and offer equivalent access to the
|
||||
Corresponding Source in the same way through the same place at no
|
||||
further charge. You need not require recipients to copy the
|
||||
Corresponding Source along with the object code. If the place to
|
||||
copy the object code is a network server, the Corresponding Source
|
||||
may be on a different server (operated by you or a third party)
|
||||
that supports equivalent copying facilities, provided you maintain
|
||||
clear directions next to the object code saying where to find the
|
||||
Corresponding Source. Regardless of what server hosts the
|
||||
Corresponding Source, you remain obligated to ensure that it is
|
||||
available for as long as needed to satisfy these requirements.
|
||||
|
||||
e) Convey the object code using peer-to-peer transmission, provided
|
||||
you inform other peers where the object code and Corresponding
|
||||
Source of the work are being offered to the general public at no
|
||||
charge under subsection 6d.
|
||||
|
||||
A separable portion of the object code, whose source code is excluded
|
||||
from the Corresponding Source as a System Library, need not be
|
||||
included in conveying the object code work.
|
||||
|
||||
A "User Product" is either (1) a "consumer product", which means any
|
||||
tangible personal property which is normally used for personal, family,
|
||||
or household purposes, or (2) anything designed or sold for incorporation
|
||||
into a dwelling. In determining whether a product is a consumer product,
|
||||
doubtful cases shall be resolved in favor of coverage. For a particular
|
||||
product received by a particular user, "normally used" refers to a
|
||||
typical or common use of that class of product, regardless of the status
|
||||
of the particular user or of the way in which the particular user
|
||||
actually uses, or expects or is expected to use, the product. A product
|
||||
is a consumer product regardless of whether the product has substantial
|
||||
commercial, industrial or non-consumer uses, unless such uses represent
|
||||
the only significant mode of use of the product.
|
||||
|
||||
"Installation Information" for a User Product means any methods,
|
||||
procedures, authorization keys, or other information required to install
|
||||
and execute modified versions of a covered work in that User Product from
|
||||
a modified version of its Corresponding Source. The information must
|
||||
suffice to ensure that the continued functioning of the modified object
|
||||
code is in no case prevented or interfered with solely because
|
||||
modification has been made.
|
||||
|
||||
If you convey an object code work under this section in, or with, or
|
||||
specifically for use in, a User Product, and the conveying occurs as
|
||||
part of a transaction in which the right of possession and use of the
|
||||
User Product is transferred to the recipient in perpetuity or for a
|
||||
fixed term (regardless of how the transaction is characterized), the
|
||||
Corresponding Source conveyed under this section must be accompanied
|
||||
by the Installation Information. But this requirement does not apply
|
||||
if neither you nor any third party retains the ability to install
|
||||
modified object code on the User Product (for example, the work has
|
||||
been installed in ROM).
|
||||
|
||||
The requirement to provide Installation Information does not include a
|
||||
requirement to continue to provide support service, warranty, or updates
|
||||
for a work that has been modified or installed by the recipient, or for
|
||||
the User Product in which it has been modified or installed. Access to a
|
||||
network may be denied when the modification itself materially and
|
||||
adversely affects the operation of the network or violates the rules and
|
||||
protocols for communication across the network.
|
||||
|
||||
Corresponding Source conveyed, and Installation Information provided,
|
||||
in accord with this section must be in a format that is publicly
|
||||
documented (and with an implementation available to the public in
|
||||
source code form), and must require no special password or key for
|
||||
unpacking, reading or copying.
|
||||
|
||||
7. Additional Terms.
|
||||
|
||||
"Additional permissions" are terms that supplement the terms of this
|
||||
License by making exceptions from one or more of its conditions.
|
||||
Additional permissions that are applicable to the entire Program shall
|
||||
be treated as though they were included in this License, to the extent
|
||||
that they are valid under applicable law. If additional permissions
|
||||
apply only to part of the Program, that part may be used separately
|
||||
under those permissions, but the entire Program remains governed by
|
||||
this License without regard to the additional permissions.
|
||||
|
||||
When you convey a copy of a covered work, you may at your option
|
||||
remove any additional permissions from that copy, or from any part of
|
||||
it. (Additional permissions may be written to require their own
|
||||
removal in certain cases when you modify the work.) You may place
|
||||
additional permissions on material, added by you to a covered work,
|
||||
for which you have or can give appropriate copyright permission.
|
||||
|
||||
Notwithstanding any other provision of this License, for material you
|
||||
add to a covered work, you may (if authorized by the copyright holders of
|
||||
that material) supplement the terms of this License with terms:
|
||||
|
||||
a) Disclaiming warranty or limiting liability differently from the
|
||||
terms of sections 15 and 16 of this License; or
|
||||
|
||||
b) Requiring preservation of specified reasonable legal notices or
|
||||
author attributions in that material or in the Appropriate Legal
|
||||
Notices displayed by works containing it; or
|
||||
|
||||
c) Prohibiting misrepresentation of the origin of that material, or
|
||||
requiring that modified versions of such material be marked in
|
||||
reasonable ways as different from the original version; or
|
||||
|
||||
d) Limiting the use for publicity purposes of names of licensors or
|
||||
authors of the material; or
|
||||
|
||||
e) Declining to grant rights under trademark law for use of some
|
||||
trade names, trademarks, or service marks; or
|
||||
|
||||
f) Requiring indemnification of licensors and authors of that
|
||||
material by anyone who conveys the material (or modified versions of
|
||||
it) with contractual assumptions of liability to the recipient, for
|
||||
any liability that these contractual assumptions directly impose on
|
||||
those licensors and authors.
|
||||
|
||||
All other non-permissive additional terms are considered "further
|
||||
restrictions" within the meaning of section 10. If the Program as you
|
||||
received it, or any part of it, contains a notice stating that it is
|
||||
governed by this License along with a term that is a further
|
||||
restriction, you may remove that term. If a license document contains
|
||||
a further restriction but permits relicensing or conveying under this
|
||||
License, you may add to a covered work material governed by the terms
|
||||
of that license document, provided that the further restriction does
|
||||
not survive such relicensing or conveying.
|
||||
|
||||
If you add terms to a covered work in accord with this section, you
|
||||
must place, in the relevant source files, a statement of the
|
||||
additional terms that apply to those files, or a notice indicating
|
||||
where to find the applicable terms.
|
||||
|
||||
Additional terms, permissive or non-permissive, may be stated in the
|
||||
form of a separately written license, or stated as exceptions;
|
||||
the above requirements apply either way.
|
||||
|
||||
8. Termination.
|
||||
|
||||
You may not propagate or modify a covered work except as expressly
|
||||
provided under this License. Any attempt otherwise to propagate or
|
||||
modify it is void, and will automatically terminate your rights under
|
||||
this License (including any patent licenses granted under the third
|
||||
paragraph of section 11).
|
||||
|
||||
However, if you cease all violation of this License, then your
|
||||
license from a particular copyright holder is reinstated (a)
|
||||
provisionally, unless and until the copyright holder explicitly and
|
||||
finally terminates your license, and (b) permanently, if the copyright
|
||||
holder fails to notify you of the violation by some reasonable means
|
||||
prior to 60 days after the cessation.
|
||||
|
||||
Moreover, your license from a particular copyright holder is
|
||||
reinstated permanently if the copyright holder notifies you of the
|
||||
violation by some reasonable means, this is the first time you have
|
||||
received notice of violation of this License (for any work) from that
|
||||
copyright holder, and you cure the violation prior to 30 days after
|
||||
your receipt of the notice.
|
||||
|
||||
Termination of your rights under this section does not terminate the
|
||||
licenses of parties who have received copies or rights from you under
|
||||
this License. If your rights have been terminated and not permanently
|
||||
reinstated, you do not qualify to receive new licenses for the same
|
||||
material under section 10.
|
||||
|
||||
9. Acceptance Not Required for Having Copies.
|
||||
|
||||
You are not required to accept this License in order to receive or
|
||||
run a copy of the Program. Ancillary propagation of a covered work
|
||||
occurring solely as a consequence of using peer-to-peer transmission
|
||||
to receive a copy likewise does not require acceptance. However,
|
||||
nothing other than this License grants you permission to propagate or
|
||||
modify any covered work. These actions infringe copyright if you do
|
||||
not accept this License. Therefore, by modifying or propagating a
|
||||
covered work, you indicate your acceptance of this License to do so.
|
||||
|
||||
10. Automatic Licensing of Downstream Recipients.
|
||||
|
||||
Each time you convey a covered work, the recipient automatically
|
||||
receives a license from the original licensors, to run, modify and
|
||||
propagate that work, subject to this License. You are not responsible
|
||||
for enforcing compliance by third parties with this License.
|
||||
|
||||
An "entity transaction" is a transaction transferring control of an
|
||||
organization, or substantially all assets of one, or subdividing an
|
||||
organization, or merging organizations. If propagation of a covered
|
||||
work results from an entity transaction, each party to that
|
||||
transaction who receives a copy of the work also receives whatever
|
||||
licenses to the work the party's predecessor in interest had or could
|
||||
give under the previous paragraph, plus a right to possession of the
|
||||
Corresponding Source of the work from the predecessor in interest, if
|
||||
the predecessor has it or can get it with reasonable efforts.
|
||||
|
||||
You may not impose any further restrictions on the exercise of the
|
||||
rights granted or affirmed under this License. For example, you may
|
||||
not impose a license fee, royalty, or other charge for exercise of
|
||||
rights granted under this License, and you may not initiate litigation
|
||||
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
||||
any patent claim is infringed by making, using, selling, offering for
|
||||
sale, or importing the Program or any portion of it.
|
||||
|
||||
11. Patents.
|
||||
|
||||
A "contributor" is a copyright holder who authorizes use under this
|
||||
License of the Program or a work on which the Program is based. The
|
||||
work thus licensed is called the contributor's "contributor version".
|
||||
|
||||
A contributor's "essential patent claims" are all patent claims
|
||||
owned or controlled by the contributor, whether already acquired or
|
||||
hereafter acquired, that would be infringed by some manner, permitted
|
||||
by this License, of making, using, or selling its contributor version,
|
||||
but do not include claims that would be infringed only as a
|
||||
consequence of further modification of the contributor version. For
|
||||
purposes of this definition, "control" includes the right to grant
|
||||
patent sublicenses in a manner consistent with the requirements of
|
||||
this License.
|
||||
|
||||
Each contributor grants you a non-exclusive, worldwide, royalty-free
|
||||
patent license under the contributor's essential patent claims, to
|
||||
make, use, sell, offer for sale, import and otherwise run, modify and
|
||||
propagate the contents of its contributor version.
|
||||
|
||||
In the following three paragraphs, a "patent license" is any express
|
||||
agreement or commitment, however denominated, not to enforce a patent
|
||||
(such as an express permission to practice a patent or covenant not to
|
||||
sue for patent infringement). To "grant" such a patent license to a
|
||||
party means to make such an agreement or commitment not to enforce a
|
||||
patent against the party.
|
||||
|
||||
If you convey a covered work, knowingly relying on a patent license,
|
||||
and the Corresponding Source of the work is not available for anyone
|
||||
to copy, free of charge and under the terms of this License, through a
|
||||
publicly available network server or other readily accessible means,
|
||||
then you must either (1) cause the Corresponding Source to be so
|
||||
available, or (2) arrange to deprive yourself of the benefit of the
|
||||
patent license for this particular work, or (3) arrange, in a manner
|
||||
consistent with the requirements of this License, to extend the patent
|
||||
license to downstream recipients. "Knowingly relying" means you have
|
||||
actual knowledge that, but for the patent license, your conveying the
|
||||
covered work in a country, or your recipient's use of the covered work
|
||||
in a country, would infringe one or more identifiable patents in that
|
||||
country that you have reason to believe are valid.
|
||||
|
||||
If, pursuant to or in connection with a single transaction or
|
||||
arrangement, you convey, or propagate by procuring conveyance of, a
|
||||
covered work, and grant a patent license to some of the parties
|
||||
receiving the covered work authorizing them to use, propagate, modify
|
||||
or convey a specific copy of the covered work, then the patent license
|
||||
you grant is automatically extended to all recipients of the covered
|
||||
work and works based on it.
|
||||
|
||||
A patent license is "discriminatory" if it does not include within
|
||||
the scope of its coverage, prohibits the exercise of, or is
|
||||
conditioned on the non-exercise of one or more of the rights that are
|
||||
specifically granted under this License. You may not convey a covered
|
||||
work if you are a party to an arrangement with a third party that is
|
||||
in the business of distributing software, under which you make payment
|
||||
to the third party based on the extent of your activity of conveying
|
||||
the work, and under which the third party grants, to any of the
|
||||
parties who would receive the covered work from you, a discriminatory
|
||||
patent license (a) in connection with copies of the covered work
|
||||
conveyed by you (or copies made from those copies), or (b) primarily
|
||||
for and in connection with specific products or compilations that
|
||||
contain the covered work, unless you entered into that arrangement,
|
||||
or that patent license was granted, prior to 28 March 2007.
|
||||
|
||||
Nothing in this License shall be construed as excluding or limiting
|
||||
any implied license or other defenses to infringement that may
|
||||
otherwise be available to you under applicable patent law.
|
||||
|
||||
12. No Surrender of Others' Freedom.
|
||||
|
||||
If conditions are imposed on you (whether by court order, agreement or
|
||||
otherwise) that contradict the conditions of this License, they do not
|
||||
excuse you from the conditions of this License. If you cannot convey a
|
||||
covered work so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you may
|
||||
not convey it at all. For example, if you agree to terms that obligate you
|
||||
to collect a royalty for further conveying from those to whom you convey
|
||||
the Program, the only way you could satisfy both those terms and this
|
||||
License would be to refrain entirely from conveying the Program.
|
||||
|
||||
13. Remote Network Interaction; Use with the GNU General Public License.
|
||||
|
||||
Notwithstanding any other provision of this License, if you modify the
|
||||
Program, your modified version must prominently offer all users
|
||||
interacting with it remotely through a computer network (if your version
|
||||
supports such interaction) an opportunity to receive the Corresponding
|
||||
Source of your version by providing access to the Corresponding Source
|
||||
from a network server at no charge, through some standard or customary
|
||||
means of facilitating copying of software. This Corresponding Source
|
||||
shall include the Corresponding Source for any work covered by version 3
|
||||
of the GNU General Public License that is incorporated pursuant to the
|
||||
following paragraph.
|
||||
|
||||
Notwithstanding any other provision of this License, you have
|
||||
permission to link or combine any covered work with a work licensed
|
||||
under version 3 of the GNU General Public License into a single
|
||||
combined work, and to convey the resulting work. The terms of this
|
||||
License will continue to apply to the part which is the covered work,
|
||||
but the work with which it is combined will remain governed by version
|
||||
3 of the GNU General Public License.
|
||||
|
||||
14. Revised Versions of this License.
|
||||
|
||||
The Free Software Foundation may publish revised and/or new versions of
|
||||
the GNU Affero General Public License from time to time. Such new versions
|
||||
will be similar in spirit to the present version, but may differ in detail to
|
||||
address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the
|
||||
Program specifies that a certain numbered version of the GNU Affero General
|
||||
Public License "or any later version" applies to it, you have the
|
||||
option of following the terms and conditions either of that numbered
|
||||
version or of any later version published by the Free Software
|
||||
Foundation. If the Program does not specify a version number of the
|
||||
GNU Affero General Public License, you may choose any version ever published
|
||||
by the Free Software Foundation.
|
||||
|
||||
If the Program specifies that a proxy can decide which future
|
||||
versions of the GNU Affero General Public License can be used, that proxy's
|
||||
public statement of acceptance of a version permanently authorizes you
|
||||
to choose that version for the Program.
|
||||
|
||||
Later license versions may give you additional or different
|
||||
permissions. However, no additional obligations are imposed on any
|
||||
author or copyright holder as a result of your choosing to follow a
|
||||
later version.
|
||||
|
||||
15. Disclaimer of Warranty.
|
||||
|
||||
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
|
||||
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
|
||||
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
|
||||
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
|
||||
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
|
||||
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
|
||||
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||
|
||||
16. Limitation of Liability.
|
||||
|
||||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
|
||||
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
||||
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
|
||||
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
|
||||
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
|
||||
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
|
||||
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
|
||||
SUCH DAMAGES.
|
||||
|
||||
17. Interpretation of Sections 15 and 16.
|
||||
|
||||
If the disclaimer of warranty and limitation of liability provided
|
||||
above cannot be given local legal effect according to their terms,
|
||||
reviewing courts shall apply local law that most closely approximates
|
||||
an absolute waiver of all civil liability in connection with the
|
||||
Program, unless a warranty or assumption of liability accompanies a
|
||||
copy of the Program in return for a fee.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
How to Apply These Terms to Your New Programs
|
||||
|
||||
If you develop a new program, and you want it to be of the greatest
|
||||
possible use to the public, the best way to achieve this is to make it
|
||||
free software which everyone can redistribute and change under these terms.
|
||||
|
||||
To do so, attach the following notices to the program. It is safest
|
||||
to attach them to the start of each source file to most effectively
|
||||
state the exclusion of warranty; and each file should have at least
|
||||
the "copyright" line and a pointer to where the full notice is found.
|
||||
|
||||
<one line to give the program's name and a brief idea of what it does.>
|
||||
Copyright (C) <year> <name of author>
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
Also add information on how to contact you by electronic and paper mail.
|
||||
|
||||
If your software can interact with users remotely through a computer
|
||||
network, you should also make sure that it provides a way for users to
|
||||
get its source. For example, if your program is a web application, its
|
||||
interface could display a "Source" link that leads users to an archive
|
||||
of the code. There are many ways you could offer source, and different
|
||||
solutions will be better for different programs; see section 13 for the
|
||||
specific requirements.
|
||||
|
||||
You should also get your employer (if you work as a programmer) or school,
|
||||
if any, to sign a "copyright disclaimer" for the program, if necessary.
|
||||
For more information on this, and how to apply and follow the GNU AGPL, see
|
||||
<https://www.gnu.org/licenses/>.
|
9
README.md
Normal file
9
README.md
Normal file
|
@ -0,0 +1,9 @@
|
|||
# microblog.pub
|
||||
|
||||
This branch is a complete rewrite of the original microblog.pub server.
|
||||
|
||||
The original server became hard to debug, maintain and is not super easy to deploy (due to the dependecies like MongoDB).
|
||||
|
||||
This rewrite is built using "modern" Python 3.10, SQLite and does not need any external tasks queue service.
|
||||
|
||||
It is still in early development, this README will be updated when I get to deploy a personal instance in the wild.
|
105
alembic.ini
Normal file
105
alembic.ini
Normal file
|
@ -0,0 +1,105 @@
|
|||
# A generic, single database configuration.
|
||||
|
||||
[alembic]
|
||||
# path to migration scripts
|
||||
script_location = alembic
|
||||
|
||||
# template used to generate migration file names; The default value is %%(rev)s_%%(slug)s
|
||||
# Uncomment the line below if you want the files to be prepended with date and time
|
||||
# see https://alembic.sqlalchemy.org/en/latest/tutorial.html#editing-the-ini-file
|
||||
# for all available tokens
|
||||
# file_template = %%(year)d_%%(month).2d_%%(day).2d_%%(hour).2d%%(minute).2d-%%(rev)s_%%(slug)s
|
||||
|
||||
# sys.path path, will be prepended to sys.path if present.
|
||||
# defaults to the current working directory.
|
||||
prepend_sys_path = .
|
||||
|
||||
# timezone to use when rendering the date within the migration file
|
||||
# as well as the filename.
|
||||
# If specified, requires the python-dateutil library that can be
|
||||
# installed by adding `alembic[tz]` to the pip requirements
|
||||
# string value is passed to dateutil.tz.gettz()
|
||||
# leave blank for localtime
|
||||
# timezone =
|
||||
|
||||
# max length of characters to apply to the
|
||||
# "slug" field
|
||||
# truncate_slug_length = 40
|
||||
|
||||
# set to 'true' to run the environment during
|
||||
# the 'revision' command, regardless of autogenerate
|
||||
# revision_environment = false
|
||||
|
||||
# set to 'true' to allow .pyc and .pyo files without
|
||||
# a source .py file to be detected as revisions in the
|
||||
# versions/ directory
|
||||
# sourceless = false
|
||||
|
||||
# version location specification; This defaults
|
||||
# to alembic/versions. When using multiple version
|
||||
# directories, initial revisions must be specified with --version-path.
|
||||
# The path separator used here should be the separator specified by "version_path_separator" below.
|
||||
# version_locations = %(here)s/bar:%(here)s/bat:alembic/versions
|
||||
|
||||
# version path separator; As mentioned above, this is the character used to split
|
||||
# version_locations. The default within new alembic.ini files is "os", which uses os.pathsep.
|
||||
# If this key is omitted entirely, it falls back to the legacy behavior of splitting on spaces and/or commas.
|
||||
# Valid values for version_path_separator are:
|
||||
#
|
||||
# version_path_separator = :
|
||||
# version_path_separator = ;
|
||||
# version_path_separator = space
|
||||
version_path_separator = os # Use os.pathsep. Default configuration used for new projects.
|
||||
|
||||
# the output encoding used when revision files
|
||||
# are written from script.py.mako
|
||||
# output_encoding = utf-8
|
||||
|
||||
sqlalchemy.url =
|
||||
|
||||
|
||||
[post_write_hooks]
|
||||
# post_write_hooks defines scripts or Python functions that are run
|
||||
# on newly generated revision scripts. See the documentation for further
|
||||
# detail and examples
|
||||
|
||||
# format using "black" - use the console_scripts runner, against the "black" entrypoint
|
||||
# hooks = black
|
||||
# black.type = console_scripts
|
||||
# black.entrypoint = black
|
||||
# black.options = -l 79 REVISION_SCRIPT_FILENAME
|
||||
|
||||
# Logging configuration
|
||||
[loggers]
|
||||
keys = root,sqlalchemy,alembic
|
||||
|
||||
[handlers]
|
||||
keys = console
|
||||
|
||||
[formatters]
|
||||
keys = generic
|
||||
|
||||
[logger_root]
|
||||
level = WARN
|
||||
handlers = console
|
||||
qualname =
|
||||
|
||||
[logger_sqlalchemy]
|
||||
level = WARN
|
||||
handlers =
|
||||
qualname = sqlalchemy.engine
|
||||
|
||||
[logger_alembic]
|
||||
level = INFO
|
||||
handlers =
|
||||
qualname = alembic
|
||||
|
||||
[handler_console]
|
||||
class = StreamHandler
|
||||
args = (sys.stderr,)
|
||||
level = NOTSET
|
||||
formatter = generic
|
||||
|
||||
[formatter_generic]
|
||||
format = %(levelname)-5.5s [%(name)s] %(message)s
|
||||
datefmt = %H:%M:%S
|
1
alembic/README
Normal file
1
alembic/README
Normal file
|
@ -0,0 +1 @@
|
|||
Generic single-database configuration.
|
81
alembic/env.py
Normal file
81
alembic/env.py
Normal file
|
@ -0,0 +1,81 @@
|
|||
from logging.config import fileConfig
|
||||
|
||||
from sqlalchemy import engine_from_config
|
||||
from sqlalchemy import pool
|
||||
|
||||
import app.models # noqa: F401 # Register models
|
||||
from alembic import context
|
||||
from app.database import SQLALCHEMY_DATABASE_URL
|
||||
from app.database import Base
|
||||
|
||||
# this is the Alembic Config object, which provides
|
||||
# access to the values within the .ini file in use.
|
||||
config = context.config
|
||||
|
||||
# Interpret the config file for Python logging.
|
||||
# This line sets up loggers basically.
|
||||
if config.config_file_name is not None:
|
||||
fileConfig(config.config_file_name)
|
||||
|
||||
config.set_main_option("sqlalchemy.url", SQLALCHEMY_DATABASE_URL)
|
||||
|
||||
# add your model's MetaData object here
|
||||
# for 'autogenerate' support
|
||||
# from myapp import mymodel
|
||||
# target_metadata = mymodel.Base.metadata
|
||||
target_metadata = Base.metadata
|
||||
|
||||
# other values from the config, defined by the needs of env.py,
|
||||
# can be acquired:
|
||||
# my_important_option = config.get_main_option("my_important_option")
|
||||
# ... etc.
|
||||
|
||||
|
||||
def run_migrations_offline() -> None:
|
||||
"""Run migrations in 'offline' mode.
|
||||
|
||||
This configures the context with just a URL
|
||||
and not an Engine, though an Engine is acceptable
|
||||
here as well. By skipping the Engine creation
|
||||
we don't even need a DBAPI to be available.
|
||||
|
||||
Calls to context.execute() here emit the given string to the
|
||||
script output.
|
||||
|
||||
"""
|
||||
url = config.get_main_option("sqlalchemy.url")
|
||||
context.configure(
|
||||
url=url,
|
||||
target_metadata=target_metadata,
|
||||
literal_binds=True,
|
||||
dialect_opts={"paramstyle": "named"},
|
||||
)
|
||||
|
||||
with context.begin_transaction():
|
||||
context.run_migrations()
|
||||
|
||||
|
||||
def run_migrations_online() -> None:
|
||||
"""Run migrations in 'online' mode.
|
||||
|
||||
In this scenario we need to create an Engine
|
||||
and associate a connection with the context.
|
||||
|
||||
"""
|
||||
connectable = engine_from_config(
|
||||
config.get_section(config.config_ini_section),
|
||||
prefix="sqlalchemy.",
|
||||
poolclass=pool.NullPool,
|
||||
)
|
||||
|
||||
with connectable.connect() as connection:
|
||||
context.configure(connection=connection, target_metadata=target_metadata)
|
||||
|
||||
with context.begin_transaction():
|
||||
context.run_migrations()
|
||||
|
||||
|
||||
if context.is_offline_mode():
|
||||
run_migrations_offline()
|
||||
else:
|
||||
run_migrations_online()
|
24
alembic/script.py.mako
Normal file
24
alembic/script.py.mako
Normal file
|
@ -0,0 +1,24 @@
|
|||
"""${message}
|
||||
|
||||
Revision ID: ${up_revision}
|
||||
Revises: ${down_revision | comma,n}
|
||||
Create Date: ${create_date}
|
||||
|
||||
"""
|
||||
from alembic import op
|
||||
import sqlalchemy as sa
|
||||
${imports if imports else ""}
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = ${repr(up_revision)}
|
||||
down_revision = ${repr(down_revision)}
|
||||
branch_labels = ${repr(branch_labels)}
|
||||
depends_on = ${repr(depends_on)}
|
||||
|
||||
|
||||
def upgrade() -> None:
|
||||
${upgrades if upgrades else "pass"}
|
||||
|
||||
|
||||
def downgrade() -> None:
|
||||
${downgrades if downgrades else "pass"}
|
192
alembic/versions/b122c3a69fc9_initial_migration.py
Normal file
192
alembic/versions/b122c3a69fc9_initial_migration.py
Normal file
|
@ -0,0 +1,192 @@
|
|||
"""Initial migration
|
||||
|
||||
Revision ID: b122c3a69fc9
|
||||
Revises:
|
||||
Create Date: 2022-06-22 19:54:19.153320
|
||||
|
||||
"""
|
||||
import sqlalchemy as sa
|
||||
|
||||
from alembic import op
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = 'b122c3a69fc9'
|
||||
down_revision = None
|
||||
branch_labels = None
|
||||
depends_on = None
|
||||
|
||||
|
||||
def upgrade() -> None:
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.create_table('actors',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('created_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('updated_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('ap_id', sa.String(), nullable=False),
|
||||
sa.Column('ap_actor', sa.JSON(), nullable=False),
|
||||
sa.Column('ap_type', sa.String(), nullable=False),
|
||||
sa.Column('handle', sa.String(), nullable=True),
|
||||
sa.PrimaryKeyConstraint('id')
|
||||
)
|
||||
op.create_index(op.f('ix_actors_ap_id'), 'actors', ['ap_id'], unique=True)
|
||||
op.create_index(op.f('ix_actors_handle'), 'actors', ['handle'], unique=False)
|
||||
op.create_index(op.f('ix_actors_id'), 'actors', ['id'], unique=False)
|
||||
op.create_table('inbox',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('created_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('updated_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('actor_id', sa.Integer(), nullable=False),
|
||||
sa.Column('server', sa.String(), nullable=False),
|
||||
sa.Column('is_hidden_from_stream', sa.Boolean(), nullable=False),
|
||||
sa.Column('ap_actor_id', sa.String(), nullable=False),
|
||||
sa.Column('ap_type', sa.String(), nullable=False),
|
||||
sa.Column('ap_id', sa.String(), nullable=False),
|
||||
sa.Column('ap_context', sa.String(), nullable=True),
|
||||
sa.Column('ap_published_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('ap_object', sa.JSON(), nullable=False),
|
||||
sa.Column('activity_object_ap_id', sa.String(), nullable=True),
|
||||
sa.Column('visibility', sa.Enum('PUBLIC', 'UNLISTED', 'DIRECT', name='visibilityenum'), nullable=False),
|
||||
sa.Column('relates_to_inbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.Column('relates_to_outbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.Column('undone_by_inbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.Column('liked_via_outbox_object_ap_id', sa.String(), nullable=True),
|
||||
sa.Column('announced_via_outbox_object_ap_id', sa.String(), nullable=True),
|
||||
sa.Column('is_bookmarked', sa.Boolean(), nullable=False),
|
||||
sa.Column('has_replies', sa.Boolean(), nullable=False),
|
||||
sa.Column('og_meta', sa.JSON(), nullable=True),
|
||||
sa.ForeignKeyConstraint(['actor_id'], ['actors.id'], ),
|
||||
sa.ForeignKeyConstraint(['relates_to_inbox_object_id'], ['inbox.id'], ),
|
||||
sa.ForeignKeyConstraint(['relates_to_outbox_object_id'], ['outbox.id'], ),
|
||||
sa.ForeignKeyConstraint(['undone_by_inbox_object_id'], ['inbox.id'], ),
|
||||
sa.PrimaryKeyConstraint('id')
|
||||
)
|
||||
op.create_index(op.f('ix_inbox_ap_id'), 'inbox', ['ap_id'], unique=True)
|
||||
op.create_index(op.f('ix_inbox_id'), 'inbox', ['id'], unique=False)
|
||||
op.create_table('outbox',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('created_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('updated_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('is_hidden_from_homepage', sa.Boolean(), nullable=False),
|
||||
sa.Column('public_id', sa.String(), nullable=False),
|
||||
sa.Column('ap_type', sa.String(), nullable=False),
|
||||
sa.Column('ap_id', sa.String(), nullable=False),
|
||||
sa.Column('ap_context', sa.String(), nullable=True),
|
||||
sa.Column('ap_object', sa.JSON(), nullable=False),
|
||||
sa.Column('activity_object_ap_id', sa.String(), nullable=True),
|
||||
sa.Column('source', sa.String(), nullable=True),
|
||||
sa.Column('ap_published_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('visibility', sa.Enum('PUBLIC', 'UNLISTED', 'DIRECT', name='visibilityenum'), nullable=False),
|
||||
sa.Column('likes_count', sa.Integer(), nullable=False),
|
||||
sa.Column('announces_count', sa.Integer(), nullable=False),
|
||||
sa.Column('replies_count', sa.Integer(), nullable=False),
|
||||
sa.Column('webmentions', sa.JSON(), nullable=True),
|
||||
sa.Column('og_meta', sa.JSON(), nullable=True),
|
||||
sa.Column('is_deleted', sa.Boolean(), nullable=False),
|
||||
sa.Column('relates_to_inbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.Column('relates_to_outbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.Column('undone_by_outbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.ForeignKeyConstraint(['relates_to_inbox_object_id'], ['inbox.id'], ),
|
||||
sa.ForeignKeyConstraint(['relates_to_outbox_object_id'], ['outbox.id'], ),
|
||||
sa.ForeignKeyConstraint(['undone_by_outbox_object_id'], ['outbox.id'], ),
|
||||
sa.PrimaryKeyConstraint('id')
|
||||
)
|
||||
op.create_index(op.f('ix_outbox_ap_id'), 'outbox', ['ap_id'], unique=True)
|
||||
op.create_index(op.f('ix_outbox_id'), 'outbox', ['id'], unique=False)
|
||||
op.create_index(op.f('ix_outbox_public_id'), 'outbox', ['public_id'], unique=False)
|
||||
op.create_table('followers',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('created_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('updated_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('actor_id', sa.Integer(), nullable=False),
|
||||
sa.Column('inbox_object_id', sa.Integer(), nullable=False),
|
||||
sa.Column('ap_actor_id', sa.String(), nullable=False),
|
||||
sa.ForeignKeyConstraint(['actor_id'], ['actors.id'], ),
|
||||
sa.ForeignKeyConstraint(['inbox_object_id'], ['inbox.id'], ),
|
||||
sa.PrimaryKeyConstraint('id'),
|
||||
sa.UniqueConstraint('actor_id'),
|
||||
sa.UniqueConstraint('ap_actor_id')
|
||||
)
|
||||
op.create_index(op.f('ix_followers_id'), 'followers', ['id'], unique=False)
|
||||
op.create_table('following',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('created_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('updated_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('actor_id', sa.Integer(), nullable=False),
|
||||
sa.Column('outbox_object_id', sa.Integer(), nullable=False),
|
||||
sa.Column('ap_actor_id', sa.String(), nullable=False),
|
||||
sa.ForeignKeyConstraint(['actor_id'], ['actors.id'], ),
|
||||
sa.ForeignKeyConstraint(['outbox_object_id'], ['outbox.id'], ),
|
||||
sa.PrimaryKeyConstraint('id'),
|
||||
sa.UniqueConstraint('actor_id'),
|
||||
sa.UniqueConstraint('ap_actor_id')
|
||||
)
|
||||
op.create_index(op.f('ix_following_id'), 'following', ['id'], unique=False)
|
||||
op.create_table('notifications',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('created_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('notification_type', sa.Enum('NEW_FOLLOWER', 'UNFOLLOW', 'LIKE', 'UNDO_LIKE', 'ANNOUNCE', 'UNDO_ANNOUNCE', 'MENTION', name='notificationtype'), nullable=True),
|
||||
sa.Column('is_new', sa.Boolean(), nullable=False),
|
||||
sa.Column('actor_id', sa.Integer(), nullable=True),
|
||||
sa.Column('outbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.Column('inbox_object_id', sa.Integer(), nullable=True),
|
||||
sa.ForeignKeyConstraint(['actor_id'], ['actors.id'], ),
|
||||
sa.ForeignKeyConstraint(['inbox_object_id'], ['inbox.id'], ),
|
||||
sa.ForeignKeyConstraint(['outbox_object_id'], ['outbox.id'], ),
|
||||
sa.PrimaryKeyConstraint('id')
|
||||
)
|
||||
op.create_index(op.f('ix_notifications_id'), 'notifications', ['id'], unique=False)
|
||||
op.create_table('outgoing_activities',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('created_at', sa.DateTime(timezone=True), nullable=False),
|
||||
sa.Column('recipient', sa.String(), nullable=False),
|
||||
sa.Column('outbox_object_id', sa.Integer(), nullable=False),
|
||||
sa.Column('tries', sa.Integer(), nullable=False),
|
||||
sa.Column('next_try', sa.DateTime(timezone=True), nullable=True),
|
||||
sa.Column('last_try', sa.DateTime(timezone=True), nullable=True),
|
||||
sa.Column('last_status_code', sa.Integer(), nullable=True),
|
||||
sa.Column('last_response', sa.String(), nullable=True),
|
||||
sa.Column('is_sent', sa.Boolean(), nullable=False),
|
||||
sa.Column('is_errored', sa.Boolean(), nullable=False),
|
||||
sa.Column('error', sa.String(), nullable=True),
|
||||
sa.ForeignKeyConstraint(['outbox_object_id'], ['outbox.id'], ),
|
||||
sa.PrimaryKeyConstraint('id')
|
||||
)
|
||||
op.create_index(op.f('ix_outgoing_activities_id'), 'outgoing_activities', ['id'], unique=False)
|
||||
op.create_table('tagged_outbox_objects',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('outbox_object_id', sa.Integer(), nullable=False),
|
||||
sa.Column('tag', sa.String(), nullable=False),
|
||||
sa.ForeignKeyConstraint(['outbox_object_id'], ['outbox.id'], ),
|
||||
sa.PrimaryKeyConstraint('id'),
|
||||
sa.UniqueConstraint('outbox_object_id', 'tag', name='uix_tagged_object')
|
||||
)
|
||||
op.create_index(op.f('ix_tagged_outbox_objects_id'), 'tagged_outbox_objects', ['id'], unique=False)
|
||||
op.create_index(op.f('ix_tagged_outbox_objects_tag'), 'tagged_outbox_objects', ['tag'], unique=False)
|
||||
# ### end Alembic commands ###
|
||||
|
||||
|
||||
def downgrade() -> None:
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.drop_index(op.f('ix_tagged_outbox_objects_tag'), table_name='tagged_outbox_objects')
|
||||
op.drop_index(op.f('ix_tagged_outbox_objects_id'), table_name='tagged_outbox_objects')
|
||||
op.drop_table('tagged_outbox_objects')
|
||||
op.drop_index(op.f('ix_outgoing_activities_id'), table_name='outgoing_activities')
|
||||
op.drop_table('outgoing_activities')
|
||||
op.drop_index(op.f('ix_notifications_id'), table_name='notifications')
|
||||
op.drop_table('notifications')
|
||||
op.drop_index(op.f('ix_following_id'), table_name='following')
|
||||
op.drop_table('following')
|
||||
op.drop_index(op.f('ix_followers_id'), table_name='followers')
|
||||
op.drop_table('followers')
|
||||
op.drop_index(op.f('ix_outbox_public_id'), table_name='outbox')
|
||||
op.drop_index(op.f('ix_outbox_id'), table_name='outbox')
|
||||
op.drop_index(op.f('ix_outbox_ap_id'), table_name='outbox')
|
||||
op.drop_table('outbox')
|
||||
op.drop_index(op.f('ix_inbox_id'), table_name='inbox')
|
||||
op.drop_index(op.f('ix_inbox_ap_id'), table_name='inbox')
|
||||
op.drop_table('inbox')
|
||||
op.drop_index(op.f('ix_actors_id'), table_name='actors')
|
||||
op.drop_index(op.f('ix_actors_handle'), table_name='actors')
|
||||
op.drop_index(op.f('ix_actors_ap_id'), table_name='actors')
|
||||
op.drop_table('actors')
|
||||
# ### end Alembic commands ###
|
0
app/__init__.py
Normal file
0
app/__init__.py
Normal file
276
app/activitypub.py
Normal file
276
app/activitypub.py
Normal file
|
@ -0,0 +1,276 @@
|
|||
import enum
|
||||
import json
|
||||
import mimetypes
|
||||
from typing import Any
|
||||
|
||||
import httpx
|
||||
|
||||
from app import config
|
||||
from app.httpsig import auth
|
||||
from app.key import get_pubkey_as_pem
|
||||
|
||||
RawObject = dict[str, Any]
|
||||
AS_CTX = "https://www.w3.org/ns/activitystreams"
|
||||
AS_PUBLIC = "https://www.w3.org/ns/activitystreams#Public"
|
||||
|
||||
ACTOR_TYPES = ["Application", "Group", "Organization", "Person", "Service"]
|
||||
|
||||
|
||||
class VisibilityEnum(str, enum.Enum):
|
||||
PUBLIC = "public"
|
||||
UNLISTED = "unlisted"
|
||||
DIRECT = "direct"
|
||||
|
||||
|
||||
MICROBLOGPUB = {
|
||||
"@context": [
|
||||
"https://www.w3.org/ns/activitystreams",
|
||||
"https://w3id.org/security/v1",
|
||||
{
|
||||
"Hashtag": "as:Hashtag",
|
||||
"PropertyValue": "schema:PropertyValue",
|
||||
"manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
|
||||
"ostatus": "http://ostatus.org#",
|
||||
"schema": "http://schema.org",
|
||||
"sensitive": "as:sensitive",
|
||||
"toot": "http://joinmastodon.org/ns#",
|
||||
"totalItems": "as:totalItems",
|
||||
"value": "schema:value",
|
||||
"Emoji": "toot:Emoji",
|
||||
},
|
||||
]
|
||||
}
|
||||
|
||||
DEFAULT_CTX = COLLECTION_CTX = [
|
||||
"https://www.w3.org/ns/activitystreams",
|
||||
"https://w3id.org/security/v1",
|
||||
{
|
||||
# AS ext
|
||||
"Hashtag": "as:Hashtag",
|
||||
"sensitive": "as:sensitive",
|
||||
"manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
|
||||
# toot
|
||||
"toot": "http://joinmastodon.org/ns#",
|
||||
# "featured": "toot:featured",
|
||||
# schema
|
||||
"schema": "http://schema.org#",
|
||||
"PropertyValue": "schema:PropertyValue",
|
||||
"value": "schema:value",
|
||||
},
|
||||
]
|
||||
|
||||
ME = {
|
||||
"@context": DEFAULT_CTX,
|
||||
"type": "Person",
|
||||
"id": config.ID,
|
||||
"following": config.BASE_URL + "/following",
|
||||
"followers": config.BASE_URL + "/followers",
|
||||
# "featured": ID + "/featured",
|
||||
"inbox": config.BASE_URL + "/inbox",
|
||||
"outbox": config.BASE_URL + "/outbox",
|
||||
"preferredUsername": config.USERNAME,
|
||||
"name": config.CONFIG.name,
|
||||
"summary": config.CONFIG.summary,
|
||||
"endpoints": {},
|
||||
"url": config.ID,
|
||||
"manuallyApprovesFollowers": False,
|
||||
"attachment": [],
|
||||
"icon": {
|
||||
"mediaType": mimetypes.guess_type(config.CONFIG.icon_url)[0],
|
||||
"type": "Image",
|
||||
"url": config.CONFIG.icon_url,
|
||||
},
|
||||
"publicKey": {
|
||||
"id": f"{config.ID}#main-key",
|
||||
"owner": config.ID,
|
||||
"publicKeyPem": get_pubkey_as_pem(),
|
||||
},
|
||||
"alsoKnownAs": [],
|
||||
}
|
||||
|
||||
|
||||
class NotAnObjectError(Exception):
|
||||
def __init__(self, url: str, resp: httpx.Response | None = None) -> None:
|
||||
message = f"{url} is not an AP activity"
|
||||
super().__init__(message)
|
||||
self.url = url
|
||||
self.resp = resp
|
||||
|
||||
|
||||
def fetch(url: str, params: dict[str, Any] | None = None) -> dict[str, Any]:
|
||||
resp = httpx.get(
|
||||
url,
|
||||
headers={
|
||||
"User-Agent": config.USER_AGENT,
|
||||
"Accept": config.AP_CONTENT_TYPE,
|
||||
},
|
||||
params=params,
|
||||
follow_redirects=True,
|
||||
)
|
||||
resp.raise_for_status()
|
||||
try:
|
||||
return resp.json()
|
||||
except json.JSONDecodeError:
|
||||
raise NotAnObjectError(url, resp)
|
||||
|
||||
|
||||
def parse_collection( # noqa: C901
|
||||
url: str | None = None,
|
||||
payload: RawObject | None = None,
|
||||
level: int = 0,
|
||||
) -> list[RawObject]:
|
||||
"""Resolve/fetch a `Collection`/`OrderedCollection`."""
|
||||
if level > 3:
|
||||
raise ValueError("recursion limit exceeded")
|
||||
|
||||
# Go through all the pages
|
||||
out: list[RawObject] = []
|
||||
if url:
|
||||
payload = fetch(url)
|
||||
if not payload:
|
||||
raise ValueError("must at least prove a payload or an URL")
|
||||
|
||||
ap_type = payload.get("type")
|
||||
if not ap_type:
|
||||
raise ValueError(f"Missing type: {payload=}")
|
||||
|
||||
if level == 0 and ap_type not in ["Collection", "OrderedCollection"]:
|
||||
raise ValueError(f"Unexpected type {ap_type}")
|
||||
|
||||
if payload["type"] in ["Collection", "OrderedCollection"]:
|
||||
if "orderedItems" in payload:
|
||||
return payload["orderedItems"]
|
||||
if "items" in payload:
|
||||
return payload["items"]
|
||||
if "first" in payload:
|
||||
if isinstance(payload["first"], str):
|
||||
out.extend(parse_collection(url=payload["first"], level=level + 1))
|
||||
else:
|
||||
if "orderedItems" in payload["first"]:
|
||||
out.extend(payload["first"]["orderedItems"])
|
||||
if "items" in payload["first"]:
|
||||
out.extend(payload["first"]["items"])
|
||||
n = payload["first"].get("next")
|
||||
if n:
|
||||
out.extend(parse_collection(url=n, level=level + 1))
|
||||
return out
|
||||
|
||||
while payload:
|
||||
if ap_type in ["CollectionPage", "OrderedCollectionPage"]:
|
||||
if "orderedItems" in payload:
|
||||
out.extend(payload["orderedItems"])
|
||||
if "items" in payload:
|
||||
out.extend(payload["items"])
|
||||
n = payload.get("next")
|
||||
if n is None:
|
||||
break
|
||||
payload = fetch(n)
|
||||
else:
|
||||
raise ValueError("unexpected activity type {}".format(payload["type"]))
|
||||
|
||||
return out
|
||||
|
||||
|
||||
def as_list(val: Any | list[Any]) -> list[Any]:
|
||||
if isinstance(val, list):
|
||||
return val
|
||||
|
||||
return [val]
|
||||
|
||||
|
||||
def get_id(val: str | dict[str, Any]) -> str:
|
||||
if isinstance(val, dict):
|
||||
val = val["id"]
|
||||
|
||||
if not isinstance(val, str):
|
||||
raise ValueError(f"Invalid ID type: {val}")
|
||||
|
||||
return val
|
||||
|
||||
|
||||
def object_visibility(ap_activity: RawObject) -> VisibilityEnum:
|
||||
to = as_list(ap_activity.get("to", []))
|
||||
cc = as_list(ap_activity.get("cc", []))
|
||||
if AS_PUBLIC in to:
|
||||
return VisibilityEnum.PUBLIC
|
||||
elif AS_PUBLIC in cc:
|
||||
return VisibilityEnum.UNLISTED
|
||||
else:
|
||||
return VisibilityEnum.DIRECT
|
||||
|
||||
|
||||
def get_actor_id(activity: RawObject) -> str:
|
||||
if activity["type"] in ["Note", "Article", "Video"]:
|
||||
attributed_to = as_list(activity["attributedTo"])
|
||||
return get_id(attributed_to[0])
|
||||
else:
|
||||
return get_id(activity["actor"])
|
||||
|
||||
|
||||
def wrap_object(activity: RawObject) -> RawObject:
|
||||
return {
|
||||
"@context": AS_CTX,
|
||||
"actor": config.ID,
|
||||
"to": activity.get("to", []),
|
||||
"cc": activity.get("cc", []),
|
||||
"id": activity["id"] + "/activity",
|
||||
"object": remove_context(activity),
|
||||
"published": activity["published"],
|
||||
"type": "Create",
|
||||
}
|
||||
|
||||
|
||||
def wrap_object_if_needed(raw_object: RawObject) -> RawObject:
|
||||
if raw_object["type"] in ["Note"]:
|
||||
return wrap_object(raw_object)
|
||||
|
||||
return raw_object
|
||||
|
||||
|
||||
def unwrap_activity(activity: RawObject) -> RawObject:
|
||||
# FIXME(ts): other types to unwrap?
|
||||
if activity["type"] == "Create":
|
||||
unwrapped_object = activity["object"]
|
||||
|
||||
# Sanity check, ensure the wrapped object actor matches the activity
|
||||
if get_actor_id(unwrapped_object) != get_actor_id(activity):
|
||||
raise ValueError(
|
||||
f"Unwrapped object actor does not match activity: {activity}"
|
||||
)
|
||||
return unwrapped_object
|
||||
|
||||
return activity
|
||||
|
||||
|
||||
def remove_context(raw_object: RawObject) -> RawObject:
|
||||
if "@context" not in raw_object:
|
||||
return raw_object
|
||||
a = dict(raw_object)
|
||||
del a["@context"]
|
||||
return a
|
||||
|
||||
|
||||
def get(url: str, params: dict[str, Any] | None = None) -> dict[str, Any]:
|
||||
resp = httpx.get(
|
||||
url,
|
||||
headers={"User-Agent": config.USER_AGENT, "Accept": config.AP_CONTENT_TYPE},
|
||||
params=params,
|
||||
follow_redirects=True,
|
||||
auth=auth,
|
||||
)
|
||||
resp.raise_for_status()
|
||||
return resp.json()
|
||||
|
||||
|
||||
def post(url: str, payload: dict[str, Any]) -> httpx.Response:
|
||||
resp = httpx.post(
|
||||
url,
|
||||
headers={
|
||||
"User-Agent": config.USER_AGENT,
|
||||
"Content-Type": config.AP_CONTENT_TYPE,
|
||||
},
|
||||
json=payload,
|
||||
auth=auth,
|
||||
)
|
||||
resp.raise_for_status()
|
||||
return resp
|
190
app/actor.py
Normal file
190
app/actor.py
Normal file
|
@ -0,0 +1,190 @@
|
|||
import typing
|
||||
from dataclasses import dataclass
|
||||
from urllib.parse import urlparse
|
||||
|
||||
from sqlalchemy.orm import Session
|
||||
from sqlalchemy.orm import joinedload
|
||||
|
||||
from app import activitypub as ap
|
||||
|
||||
if typing.TYPE_CHECKING:
|
||||
from app.models import Actor as ActorModel
|
||||
|
||||
|
||||
def _handle(raw_actor: ap.RawObject) -> str:
|
||||
ap_id = ap.get_id(raw_actor["id"])
|
||||
domain = urlparse(ap_id)
|
||||
if not domain.hostname:
|
||||
raise ValueError(f"Invalid actor ID {ap_id}")
|
||||
|
||||
return f'@{raw_actor["preferredUsername"]}@{domain.hostname}' # type: ignore
|
||||
|
||||
|
||||
class Actor:
|
||||
@property
|
||||
def ap_actor(self) -> ap.RawObject:
|
||||
raise NotImplementedError()
|
||||
|
||||
@property
|
||||
def ap_id(self) -> str:
|
||||
return ap.get_id(self.ap_actor["id"])
|
||||
|
||||
@property
|
||||
def name(self) -> str | None:
|
||||
return self.ap_actor.get("name")
|
||||
|
||||
@property
|
||||
def summary(self) -> str | None:
|
||||
return self.ap_actor.get("summary")
|
||||
|
||||
@property
|
||||
def url(self) -> str | None:
|
||||
return self.ap_actor.get("url") or self.ap_actor["id"]
|
||||
|
||||
@property
|
||||
def preferred_username(self) -> str:
|
||||
return self.ap_actor["preferredUsername"]
|
||||
|
||||
@property
|
||||
def handle(self) -> str:
|
||||
return _handle(self.ap_actor)
|
||||
|
||||
@property
|
||||
def ap_type(self) -> str:
|
||||
raise NotImplementedError()
|
||||
|
||||
@property
|
||||
def inbox_url(self) -> str:
|
||||
return self.ap_actor["inbox"]
|
||||
|
||||
@property
|
||||
def shared_inbox_url(self) -> str | None:
|
||||
return self.ap_actor.get("endpoints", {}).get("sharedInbox")
|
||||
|
||||
@property
|
||||
def icon_url(self) -> str | None:
|
||||
return self.ap_actor.get("icon", {}).get("url")
|
||||
|
||||
@property
|
||||
def icon_media_type(self) -> str | None:
|
||||
return self.ap_actor.get("icon", {}).get("mediaType")
|
||||
|
||||
@property
|
||||
def public_key_as_pem(self) -> str:
|
||||
return self.ap_actor["publicKey"]["publicKeyPem"]
|
||||
|
||||
@property
|
||||
def public_key_id(self) -> str:
|
||||
return self.ap_actor["publicKey"]["id"]
|
||||
|
||||
|
||||
class RemoteActor(Actor):
|
||||
def __init__(self, ap_actor: ap.RawObject) -> None:
|
||||
if (ap_type := ap_actor.get("type")) not in ap.ACTOR_TYPES:
|
||||
raise ValueError(f"Unexpected actor type: {ap_type}")
|
||||
|
||||
self._ap_actor = ap_actor
|
||||
self._ap_type = ap_type
|
||||
|
||||
@property
|
||||
def ap_actor(self) -> ap.RawObject:
|
||||
return self._ap_actor
|
||||
|
||||
@property
|
||||
def ap_type(self) -> str:
|
||||
return self._ap_type
|
||||
|
||||
@property
|
||||
def is_from_db(self) -> bool:
|
||||
return False
|
||||
|
||||
|
||||
LOCAL_ACTOR = RemoteActor(ap_actor=ap.ME)
|
||||
|
||||
|
||||
def save_actor(db: Session, ap_actor: ap.RawObject) -> "ActorModel":
|
||||
from app import models
|
||||
|
||||
if ap_type := ap_actor.get("type") not in ap.ACTOR_TYPES:
|
||||
raise ValueError(f"Invalid type {ap_type} for actor {ap_actor}")
|
||||
|
||||
actor = models.Actor(
|
||||
ap_id=ap_actor["id"],
|
||||
ap_actor=ap_actor,
|
||||
ap_type=ap_actor["type"],
|
||||
handle=_handle(ap_actor),
|
||||
)
|
||||
db.add(actor)
|
||||
db.commit()
|
||||
db.refresh(actor)
|
||||
return actor
|
||||
|
||||
|
||||
def fetch_actor(db: Session, actor_id: str) -> "ActorModel":
|
||||
from app import models
|
||||
|
||||
existing_actor = (
|
||||
db.query(models.Actor).filter(models.Actor.ap_id == actor_id).one_or_none()
|
||||
)
|
||||
if existing_actor:
|
||||
return existing_actor
|
||||
|
||||
ap_actor = ap.get(actor_id)
|
||||
return save_actor(db, ap_actor)
|
||||
|
||||
|
||||
@dataclass
|
||||
class ActorMetadata:
|
||||
ap_actor_id: str
|
||||
is_following: bool
|
||||
is_follower: bool
|
||||
is_follow_request_sent: bool
|
||||
outbox_follow_ap_id: str | None
|
||||
inbox_follow_ap_id: str | None
|
||||
|
||||
|
||||
ActorsMetadata = dict[str, ActorMetadata]
|
||||
|
||||
|
||||
def get_actors_metadata(
|
||||
db: Session,
|
||||
actors: list["ActorModel"],
|
||||
) -> ActorsMetadata:
|
||||
from app import models
|
||||
|
||||
ap_actor_ids = [actor.ap_id for actor in actors]
|
||||
followers = {
|
||||
follower.ap_actor_id: follower.inbox_object.ap_id
|
||||
for follower in db.query(models.Follower)
|
||||
.filter(models.Follower.ap_actor_id.in_(ap_actor_ids))
|
||||
.options(joinedload(models.Follower.inbox_object))
|
||||
.all()
|
||||
}
|
||||
following = {
|
||||
following.ap_actor_id
|
||||
for following in db.query(models.Following.ap_actor_id)
|
||||
.filter(models.Following.ap_actor_id.in_(ap_actor_ids))
|
||||
.all()
|
||||
}
|
||||
sent_follow_requests = {
|
||||
follow_req.ap_object["object"]: follow_req.ap_id
|
||||
for follow_req in db.query(
|
||||
models.OutboxObject.ap_object, models.OutboxObject.ap_id
|
||||
)
|
||||
.filter(
|
||||
models.OutboxObject.ap_type == "Follow",
|
||||
models.OutboxObject.undone_by_outbox_object_id.is_(None),
|
||||
)
|
||||
.all()
|
||||
}
|
||||
idx: ActorsMetadata = {}
|
||||
for actor in actors:
|
||||
idx[actor.ap_id] = ActorMetadata(
|
||||
ap_actor_id=actor.ap_id,
|
||||
is_following=actor.ap_id in following,
|
||||
is_follower=actor.ap_id in followers,
|
||||
is_follow_request_sent=actor.ap_id in sent_follow_requests,
|
||||
outbox_follow_ap_id=sent_follow_requests.get(actor.ap_id),
|
||||
inbox_follow_ap_id=followers.get(actor.ap_id),
|
||||
)
|
||||
return idx
|
286
app/admin.py
Normal file
286
app/admin.py
Normal file
|
@ -0,0 +1,286 @@
|
|||
from fastapi import APIRouter
|
||||
from fastapi import Cookie
|
||||
from fastapi import Depends
|
||||
from fastapi import Form
|
||||
from fastapi import Request
|
||||
from fastapi import UploadFile
|
||||
from fastapi.exceptions import HTTPException
|
||||
from fastapi.responses import RedirectResponse
|
||||
from sqlalchemy.orm import Session
|
||||
from sqlalchemy.orm import joinedload
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import boxes
|
||||
from app import models
|
||||
from app import templates
|
||||
from app.actor import get_actors_metadata
|
||||
from app.boxes import get_inbox_object_by_ap_id
|
||||
from app.boxes import send_follow
|
||||
from app.config import generate_csrf_token
|
||||
from app.config import session_serializer
|
||||
from app.config import verify_csrf_token
|
||||
from app.config import verify_password
|
||||
from app.database import get_db
|
||||
from app.lookup import lookup
|
||||
|
||||
|
||||
def user_session_or_redirect(
|
||||
request: Request,
|
||||
session: str | None = Cookie(default=None),
|
||||
) -> None:
|
||||
_RedirectToLoginPage = HTTPException(
|
||||
status_code=302,
|
||||
headers={"Location": request.url_for("login")},
|
||||
)
|
||||
|
||||
if not session:
|
||||
raise _RedirectToLoginPage
|
||||
|
||||
try:
|
||||
loaded_session = session_serializer.loads(session, max_age=3600 * 12)
|
||||
except Exception:
|
||||
raise _RedirectToLoginPage
|
||||
|
||||
if not loaded_session.get("is_logged_in"):
|
||||
raise _RedirectToLoginPage
|
||||
|
||||
return None
|
||||
|
||||
|
||||
router = APIRouter(
|
||||
dependencies=[Depends(user_session_or_redirect)],
|
||||
)
|
||||
unauthenticated_router = APIRouter()
|
||||
|
||||
|
||||
@router.get("/")
|
||||
def admin_index(
|
||||
request: Request,
|
||||
db: Session = Depends(get_db),
|
||||
) -> templates.TemplateResponse:
|
||||
return templates.render_template(db, request, "index.html", {"request": request})
|
||||
|
||||
|
||||
@router.get("/lookup")
|
||||
def get_lookup(
|
||||
request: Request,
|
||||
query: str | None = None,
|
||||
db: Session = Depends(get_db),
|
||||
) -> templates.TemplateResponse:
|
||||
ap_object = None
|
||||
actors_metadata = {}
|
||||
if query:
|
||||
ap_object = lookup(db, query)
|
||||
if ap_object.ap_type in ap.ACTOR_TYPES:
|
||||
actors_metadata = get_actors_metadata(db, [ap_object])
|
||||
else:
|
||||
actors_metadata = get_actors_metadata(db, [ap_object.actor])
|
||||
print(ap_object)
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"lookup.html",
|
||||
{
|
||||
"query": query,
|
||||
"ap_object": ap_object,
|
||||
"actors_metadata": actors_metadata,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
@router.get("/new")
|
||||
def admin_new(
|
||||
request: Request,
|
||||
query: str | None = None,
|
||||
db: Session = Depends(get_db),
|
||||
) -> templates.TemplateResponse:
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"admin_new.html",
|
||||
{},
|
||||
)
|
||||
|
||||
|
||||
@router.get("/stream")
|
||||
def stream(
|
||||
request: Request,
|
||||
db: Session = Depends(get_db),
|
||||
) -> templates.TemplateResponse:
|
||||
stream = (
|
||||
db.query(models.InboxObject)
|
||||
.filter(
|
||||
models.InboxObject.ap_type.in_(["Note", "Article", "Video", "Announce"]),
|
||||
models.InboxObject.is_hidden_from_stream.is_(False),
|
||||
models.InboxObject.undone_by_inbox_object_id.is_(None),
|
||||
)
|
||||
.options(
|
||||
# joinedload(models.InboxObject.relates_to_inbox_object),
|
||||
joinedload(models.InboxObject.relates_to_outbox_object),
|
||||
)
|
||||
.order_by(models.InboxObject.ap_published_at.desc())
|
||||
.limit(20)
|
||||
.all()
|
||||
)
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"admin_stream.html",
|
||||
{
|
||||
"stream": stream,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
@router.get("/notifications")
|
||||
def get_notifications(
|
||||
request: Request, db: Session = Depends(get_db)
|
||||
) -> templates.TemplateResponse:
|
||||
notifications = (
|
||||
db.query(models.Notification)
|
||||
.options(
|
||||
joinedload(models.Notification.actor),
|
||||
joinedload(models.Notification.inbox_object),
|
||||
joinedload(models.Notification.outbox_object),
|
||||
)
|
||||
.order_by(models.Notification.created_at.desc())
|
||||
.all()
|
||||
)
|
||||
actors_metadata = get_actors_metadata(
|
||||
db, [notif.actor for notif in notifications if notif.actor]
|
||||
)
|
||||
|
||||
for notif in notifications:
|
||||
notif.is_new = False
|
||||
db.commit()
|
||||
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"notifications.html",
|
||||
{
|
||||
"notifications": notifications,
|
||||
"actors_metadata": actors_metadata,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
@router.post("/actions/follow")
|
||||
def admin_actions_follow(
|
||||
request: Request,
|
||||
ap_actor_id: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db: Session = Depends(get_db),
|
||||
) -> RedirectResponse:
|
||||
print(f"Following {ap_actor_id}")
|
||||
send_follow(db, ap_actor_id)
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/like")
|
||||
def admin_actions_like(
|
||||
request: Request,
|
||||
ap_object_id: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db: Session = Depends(get_db),
|
||||
) -> RedirectResponse:
|
||||
boxes.send_like(db, ap_object_id)
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/undo")
|
||||
def admin_actions_undo(
|
||||
request: Request,
|
||||
ap_object_id: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db: Session = Depends(get_db),
|
||||
) -> RedirectResponse:
|
||||
boxes.send_undo(db, ap_object_id)
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/announce")
|
||||
def admin_actions_announce(
|
||||
request: Request,
|
||||
ap_object_id: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db: Session = Depends(get_db),
|
||||
) -> RedirectResponse:
|
||||
boxes.send_announce(db, ap_object_id)
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/bookmark")
|
||||
def admin_actions_bookmark(
|
||||
request: Request,
|
||||
ap_object_id: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db: Session = Depends(get_db),
|
||||
) -> RedirectResponse:
|
||||
inbox_object = get_inbox_object_by_ap_id(db, ap_object_id)
|
||||
if not inbox_object:
|
||||
raise ValueError("Should never happen")
|
||||
inbox_object.is_bookmarked = True
|
||||
db.commit()
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/new")
|
||||
async def admin_actions_new(
|
||||
request: Request,
|
||||
files: list[UploadFile],
|
||||
content: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db: Session = Depends(get_db),
|
||||
) -> RedirectResponse:
|
||||
# XXX: for some reason, no files restuls in an empty single file
|
||||
if len(files) >= 1 and files[0].filename:
|
||||
print("Got files")
|
||||
public_id = boxes.send_create(db, content)
|
||||
return RedirectResponse(
|
||||
request.url_for("outbox_by_public_id", public_id=public_id),
|
||||
status_code=302,
|
||||
)
|
||||
|
||||
|
||||
@unauthenticated_router.get("/login")
|
||||
def login(
|
||||
request: Request,
|
||||
db: Session = Depends(get_db),
|
||||
) -> templates.TemplateResponse:
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"login.html",
|
||||
{"csrf_token": generate_csrf_token()},
|
||||
)
|
||||
|
||||
|
||||
@unauthenticated_router.post("/login")
|
||||
def login_validation(
|
||||
request: Request,
|
||||
password: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
) -> RedirectResponse:
|
||||
if not verify_password(password):
|
||||
raise HTTPException(status_code=401)
|
||||
|
||||
resp = RedirectResponse("/admin", status_code=302)
|
||||
resp.set_cookie("session", session_serializer.dumps({"is_logged_in": True})) # type: ignore # noqa: E501
|
||||
|
||||
return resp
|
||||
|
||||
|
||||
@router.get("/logout")
|
||||
def logout(
|
||||
request: Request,
|
||||
) -> RedirectResponse:
|
||||
resp = RedirectResponse(request.url_for("index"), status_code=302)
|
||||
resp.set_cookie("session", session_serializer.dumps({"is_logged_in": False})) # type: ignore # noqa: E501
|
||||
return resp
|
183
app/ap_object.py
Normal file
183
app/ap_object.py
Normal file
|
@ -0,0 +1,183 @@
|
|||
import hashlib
|
||||
from datetime import datetime
|
||||
from typing import Any
|
||||
|
||||
import pydantic
|
||||
from dateutil.parser import isoparse
|
||||
from markdown import markdown
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import opengraph
|
||||
from app.actor import LOCAL_ACTOR
|
||||
from app.actor import Actor
|
||||
from app.actor import RemoteActor
|
||||
|
||||
|
||||
class Object:
|
||||
@property
|
||||
def is_from_db(self) -> bool:
|
||||
return False
|
||||
|
||||
@property
|
||||
def ap_type(self) -> str:
|
||||
return self.ap_object["type"]
|
||||
|
||||
@property
|
||||
def ap_object(self) -> ap.RawObject:
|
||||
raise NotImplementedError
|
||||
|
||||
@property
|
||||
def ap_id(self) -> str:
|
||||
return ap.get_id(self.ap_object["id"])
|
||||
|
||||
@property
|
||||
def ap_actor_id(self) -> str:
|
||||
return ap.get_actor_id(self.ap_object)
|
||||
|
||||
@property
|
||||
def ap_published_at(self) -> datetime | None:
|
||||
# TODO: default to None? or now()?
|
||||
if "published" in self.ap_object:
|
||||
return isoparse(self.ap_object["published"])
|
||||
elif "created" in self.ap_object:
|
||||
return isoparse(self.ap_object["created"])
|
||||
return None
|
||||
|
||||
@property
|
||||
def actor(self) -> Actor:
|
||||
raise NotImplementedError()
|
||||
|
||||
@property
|
||||
def visibility(self) -> ap.VisibilityEnum:
|
||||
return ap.object_visibility(self.ap_object)
|
||||
|
||||
@property
|
||||
def context(self) -> str | None:
|
||||
return self.ap_object.get("context")
|
||||
|
||||
@property
|
||||
def sensitive(self) -> bool:
|
||||
return self.ap_object.get("sensitive", False)
|
||||
|
||||
@property
|
||||
def attachments(self) -> list["Attachment"]:
|
||||
attachments = [
|
||||
Attachment.parse_obj(obj) for obj in self.ap_object.get("attachment", [])
|
||||
]
|
||||
|
||||
# Also add any video Link (for PeerTube compat)
|
||||
if self.ap_type == "Video":
|
||||
for link in ap.as_list(self.ap_object.get("url", [])):
|
||||
if (isinstance(link, dict)) and link.get("type") == "Link":
|
||||
if link.get("mediaType", "").startswith("video"):
|
||||
attachments.append(
|
||||
Attachment(
|
||||
type="Video",
|
||||
mediaType=link["mediaType"],
|
||||
url=link["href"],
|
||||
)
|
||||
)
|
||||
break
|
||||
|
||||
return attachments
|
||||
|
||||
@property
|
||||
def url(self) -> str | None:
|
||||
obj_url = self.ap_object.get("url")
|
||||
if isinstance(obj_url, str):
|
||||
return obj_url
|
||||
elif obj_url:
|
||||
for u in ap.as_list(obj_url):
|
||||
if u["mediaType"] == "text/html":
|
||||
return u["href"]
|
||||
|
||||
return None
|
||||
|
||||
@property
|
||||
def content(self) -> str | None:
|
||||
content = self.ap_object.get("content")
|
||||
if not content:
|
||||
return None
|
||||
|
||||
# PeerTube returns the content as markdown
|
||||
if self.ap_object.get("mediaType") == "text/markdown":
|
||||
return markdown(content, extensions=["mdx_linkify"])
|
||||
|
||||
return content
|
||||
|
||||
@property
|
||||
def permalink_id(self) -> str:
|
||||
return (
|
||||
"permalink-"
|
||||
+ hashlib.md5(
|
||||
self.ap_id.encode(),
|
||||
usedforsecurity=False,
|
||||
).hexdigest()
|
||||
)
|
||||
|
||||
@property
|
||||
def activity_object_ap_id(self) -> str | None:
|
||||
if "object" in self.ap_object:
|
||||
return ap.get_id(self.ap_object["object"])
|
||||
|
||||
return None
|
||||
|
||||
@property
|
||||
def in_reply_to(self) -> str | None:
|
||||
return self.ap_object.get("inReplyTo")
|
||||
|
||||
|
||||
def _to_camel(string: str) -> str:
|
||||
cased = "".join(word.capitalize() for word in string.split("_"))
|
||||
return cased[0:1].lower() + cased[1:]
|
||||
|
||||
|
||||
class BaseModel(pydantic.BaseModel):
|
||||
class Config:
|
||||
alias_generator = _to_camel
|
||||
|
||||
|
||||
class Attachment(BaseModel):
|
||||
type: str
|
||||
media_type: str
|
||||
name: str | None
|
||||
url: str
|
||||
|
||||
|
||||
class RemoteObject(Object):
|
||||
def __init__(self, raw_object: ap.RawObject, actor: Actor | None = None):
|
||||
self._raw_object = raw_object
|
||||
self._actor: Actor
|
||||
|
||||
# Pre-fetch the actor
|
||||
actor_id = ap.get_actor_id(raw_object)
|
||||
if actor_id == LOCAL_ACTOR.ap_id:
|
||||
self._actor = LOCAL_ACTOR
|
||||
elif actor:
|
||||
if actor.ap_id != actor_id:
|
||||
raise ValueError(
|
||||
f"Invalid actor, got {actor.ap_id}, " f"expected {actor_id}"
|
||||
)
|
||||
self._actor = actor
|
||||
else:
|
||||
self._actor = RemoteActor(
|
||||
ap_actor=ap.fetch(ap.get_actor_id(raw_object)),
|
||||
)
|
||||
|
||||
self._og_meta = None
|
||||
if self.ap_type == "Note":
|
||||
self._og_meta = opengraph.og_meta_from_note(self._raw_object)
|
||||
|
||||
@property
|
||||
def og_meta(self) -> list[dict[str, Any]] | None:
|
||||
if self._og_meta:
|
||||
return [og_meta.dict() for og_meta in self._og_meta]
|
||||
return None
|
||||
|
||||
@property
|
||||
def ap_object(self) -> ap.RawObject:
|
||||
return self._raw_object
|
||||
|
||||
@property
|
||||
def actor(self) -> Actor:
|
||||
return self._actor
|
684
app/boxes.py
Normal file
684
app/boxes.py
Normal file
|
@ -0,0 +1,684 @@
|
|||
"""Actions related to the AP inbox/outbox."""
|
||||
import uuid
|
||||
from urllib.parse import urlparse
|
||||
|
||||
import httpx
|
||||
from dateutil.parser import isoparse
|
||||
from loguru import logger
|
||||
from sqlalchemy.exc import IntegrityError
|
||||
from sqlalchemy.orm import Session
|
||||
from sqlalchemy.orm import joinedload
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import config
|
||||
from app import models
|
||||
from app.actor import LOCAL_ACTOR
|
||||
from app.actor import RemoteActor
|
||||
from app.actor import fetch_actor
|
||||
from app.actor import save_actor
|
||||
from app.ap_object import RemoteObject
|
||||
from app.config import BASE_URL
|
||||
from app.config import ID
|
||||
from app.database import now
|
||||
from app.process_outgoing_activities import new_outgoing_activity
|
||||
from app.source import markdownify
|
||||
|
||||
|
||||
def allocate_outbox_id() -> str:
|
||||
return uuid.uuid4().hex
|
||||
|
||||
|
||||
def outbox_object_id(outbox_id) -> str:
|
||||
return f"{BASE_URL}/o/{outbox_id}"
|
||||
|
||||
|
||||
def save_outbox_object(
|
||||
db: Session,
|
||||
public_id: str,
|
||||
raw_object: ap.RawObject,
|
||||
relates_to_inbox_object_id: int | None = None,
|
||||
relates_to_outbox_object_id: int | None = None,
|
||||
source: str | None = None,
|
||||
) -> models.OutboxObject:
|
||||
ra = RemoteObject(raw_object)
|
||||
|
||||
outbox_object = models.OutboxObject(
|
||||
public_id=public_id,
|
||||
ap_type=ra.ap_type,
|
||||
ap_id=ra.ap_id,
|
||||
ap_context=ra.context,
|
||||
ap_object=ra.ap_object,
|
||||
visibility=ra.visibility,
|
||||
og_meta=ra.og_meta,
|
||||
relates_to_inbox_object_id=relates_to_inbox_object_id,
|
||||
relates_to_outbox_object_id=relates_to_outbox_object_id,
|
||||
activity_object_ap_id=ra.activity_object_ap_id,
|
||||
is_hidden_from_homepage=True if ra.in_reply_to else False,
|
||||
)
|
||||
db.add(outbox_object)
|
||||
db.commit()
|
||||
db.refresh(outbox_object)
|
||||
|
||||
return outbox_object
|
||||
|
||||
|
||||
def send_like(db: Session, ap_object_id: str) -> None:
|
||||
inbox_object = get_inbox_object_by_ap_id(db, ap_object_id)
|
||||
if not inbox_object:
|
||||
raise ValueError(f"{ap_object_id} not found in the inbox")
|
||||
|
||||
like_id = allocate_outbox_id()
|
||||
like = {
|
||||
"@context": ap.AS_CTX,
|
||||
"id": outbox_object_id(like_id),
|
||||
"type": "Like",
|
||||
"actor": ID,
|
||||
"object": ap_object_id,
|
||||
}
|
||||
outbox_object = save_outbox_object(
|
||||
db, like_id, like, relates_to_inbox_object_id=inbox_object.id
|
||||
)
|
||||
if not outbox_object.id:
|
||||
raise ValueError("Should never happen")
|
||||
|
||||
inbox_object.liked_via_outbox_object_ap_id = outbox_object.ap_id
|
||||
db.commit()
|
||||
|
||||
new_outgoing_activity(db, inbox_object.actor.inbox_url, outbox_object.id)
|
||||
|
||||
|
||||
def send_announce(db: Session, ap_object_id: str) -> None:
|
||||
inbox_object = get_inbox_object_by_ap_id(db, ap_object_id)
|
||||
if not inbox_object:
|
||||
raise ValueError(f"{ap_object_id} not found in the inbox")
|
||||
|
||||
announce_id = allocate_outbox_id()
|
||||
announce = {
|
||||
"@context": ap.AS_CTX,
|
||||
"id": outbox_object_id(announce_id),
|
||||
"type": "Announce",
|
||||
"actor": ID,
|
||||
"object": ap_object_id,
|
||||
"to": [ap.AS_PUBLIC],
|
||||
"cc": [
|
||||
f"{BASE_URL}/followers",
|
||||
inbox_object.ap_actor_id,
|
||||
],
|
||||
}
|
||||
outbox_object = save_outbox_object(
|
||||
db, announce_id, announce, relates_to_inbox_object_id=inbox_object.id
|
||||
)
|
||||
if not outbox_object.id:
|
||||
raise ValueError("Should never happen")
|
||||
|
||||
inbox_object.announced_via_outbox_object_ap_id = outbox_object.ap_id
|
||||
db.commit()
|
||||
|
||||
recipients = _compute_recipients(db, announce)
|
||||
for rcp in recipients:
|
||||
new_outgoing_activity(db, rcp, outbox_object.id)
|
||||
|
||||
|
||||
def send_follow(db: Session, ap_actor_id: str) -> None:
|
||||
actor = fetch_actor(db, ap_actor_id)
|
||||
|
||||
follow_id = allocate_outbox_id()
|
||||
follow = {
|
||||
"@context": ap.AS_CTX,
|
||||
"id": outbox_object_id(follow_id),
|
||||
"type": "Follow",
|
||||
"actor": ID,
|
||||
"object": ap_actor_id,
|
||||
}
|
||||
|
||||
outbox_object = save_outbox_object(db, follow_id, follow)
|
||||
if not outbox_object.id:
|
||||
raise ValueError("Should never happen")
|
||||
|
||||
new_outgoing_activity(db, actor.inbox_url, outbox_object.id)
|
||||
|
||||
|
||||
def send_undo(db: Session, ap_object_id: str) -> None:
|
||||
outbox_object_to_undo = get_outbox_object_by_ap_id(db, ap_object_id)
|
||||
if not outbox_object_to_undo:
|
||||
raise ValueError(f"{ap_object_id} not found in the outbox")
|
||||
|
||||
if outbox_object_to_undo.ap_type not in ["Follow", "Like", "Announce"]:
|
||||
raise ValueError(
|
||||
f"Cannot build Undo for {outbox_object_to_undo.ap_type} activity"
|
||||
)
|
||||
|
||||
undo_id = allocate_outbox_id()
|
||||
undo = {
|
||||
"@context": ap.AS_CTX,
|
||||
"id": outbox_object_id(undo_id),
|
||||
"type": "Undo",
|
||||
"actor": ID,
|
||||
"object": ap.remove_context(outbox_object_to_undo.ap_object),
|
||||
}
|
||||
|
||||
outbox_object = save_outbox_object(
|
||||
db,
|
||||
undo_id,
|
||||
undo,
|
||||
relates_to_outbox_object_id=outbox_object_to_undo.id,
|
||||
)
|
||||
if not outbox_object.id:
|
||||
raise ValueError("Should never happen")
|
||||
|
||||
outbox_object_to_undo.undone_by_outbox_object_id = outbox_object.id
|
||||
|
||||
if outbox_object_to_undo.ap_type == "Follow":
|
||||
if not outbox_object_to_undo.activity_object_ap_id:
|
||||
raise ValueError("Should never happen")
|
||||
followed_actor = fetch_actor(db, outbox_object_to_undo.activity_object_ap_id)
|
||||
new_outgoing_activity(
|
||||
db,
|
||||
followed_actor.inbox_url,
|
||||
outbox_object.id,
|
||||
)
|
||||
# Also remove the follow from the following collection
|
||||
db.query(models.Following).filter(
|
||||
models.Following.ap_actor_id == followed_actor.ap_id
|
||||
).delete()
|
||||
db.commit()
|
||||
elif outbox_object_to_undo.ap_type == "Like":
|
||||
liked_object_ap_id = outbox_object_to_undo.activity_object_ap_id
|
||||
if not liked_object_ap_id:
|
||||
raise ValueError("Should never happen")
|
||||
liked_object = get_inbox_object_by_ap_id(db, liked_object_ap_id)
|
||||
if not liked_object:
|
||||
raise ValueError(f"Cannot find liked object {liked_object_ap_id}")
|
||||
liked_object.liked_via_outbox_object_ap_id = None
|
||||
|
||||
# Send the Undo to the liked object's actor
|
||||
new_outgoing_activity(
|
||||
db,
|
||||
liked_object.actor.inbox_url, # type: ignore
|
||||
outbox_object.id,
|
||||
)
|
||||
elif outbox_object_to_undo.ap_type == "Announce":
|
||||
announced_object_ap_id = outbox_object_to_undo.activity_object_ap_id
|
||||
if not announced_object_ap_id:
|
||||
raise ValueError("Should never happen")
|
||||
announced_object = get_inbox_object_by_ap_id(db, announced_object_ap_id)
|
||||
if not announced_object:
|
||||
raise ValueError(f"Cannot find announced object {announced_object_ap_id}")
|
||||
announced_object.announced_via_outbox_object_ap_id = None
|
||||
|
||||
# Send the Undo to the original recipients
|
||||
recipients = _compute_recipients(db, outbox_object.ap_object)
|
||||
for rcp in recipients:
|
||||
new_outgoing_activity(db, rcp, outbox_object.id)
|
||||
else:
|
||||
raise ValueError("Should never happen")
|
||||
|
||||
|
||||
def send_create(db: Session, source: str) -> str:
|
||||
note_id = allocate_outbox_id()
|
||||
published = now().replace(microsecond=0).isoformat().replace("+00:00", "Z")
|
||||
context = f"{ID}/contexts/" + uuid.uuid4().hex
|
||||
content, tags = markdownify(db, source)
|
||||
note = {
|
||||
"@context": ap.AS_CTX,
|
||||
"type": "Note",
|
||||
"id": outbox_object_id(note_id),
|
||||
"attributedTo": ID,
|
||||
"content": content,
|
||||
"to": [ap.AS_PUBLIC],
|
||||
"cc": [f"{BASE_URL}/followers"],
|
||||
"published": published,
|
||||
"context": context,
|
||||
"conversation": context,
|
||||
"url": outbox_object_id(note_id),
|
||||
"tag": tags,
|
||||
"summary": None,
|
||||
"inReplyTo": None,
|
||||
"sensitive": False,
|
||||
}
|
||||
outbox_object = save_outbox_object(db, note_id, note, source=source)
|
||||
if not outbox_object.id:
|
||||
raise ValueError("Should never happen")
|
||||
|
||||
for tag in tags:
|
||||
if tag["type"] == "Hashtag":
|
||||
tagged_object = models.TaggedOutboxObject(
|
||||
tag=tag["name"][1:],
|
||||
outbox_object_id=outbox_object.id,
|
||||
)
|
||||
db.add(tagged_object)
|
||||
db.commit()
|
||||
|
||||
recipients = _compute_recipients(db, note)
|
||||
for rcp in recipients:
|
||||
new_outgoing_activity(db, rcp, outbox_object.id)
|
||||
|
||||
return note_id
|
||||
|
||||
|
||||
def _compute_recipients(db: Session, ap_object: ap.RawObject) -> set[str]:
|
||||
_recipients = []
|
||||
for field in ["to", "cc", "bto", "bcc"]:
|
||||
if field in ap_object:
|
||||
_recipients.extend(ap.as_list(ap_object[field]))
|
||||
|
||||
recipients = set()
|
||||
for r in _recipients:
|
||||
if r in [ap.AS_PUBLIC, ID]:
|
||||
continue
|
||||
|
||||
# If we got a local collection, assume it's a collection of actors
|
||||
if r.startswith(BASE_URL):
|
||||
for raw_actor in fetch_collection(db, r):
|
||||
actor = RemoteActor(raw_actor)
|
||||
recipients.add(actor.shared_inbox_url or actor.inbox_url)
|
||||
|
||||
continue
|
||||
|
||||
# Is it a known actor?
|
||||
known_actor = (
|
||||
db.query(models.Actor).filter(models.Actor.ap_id == r).one_or_none()
|
||||
)
|
||||
if known_actor:
|
||||
recipients.add(known_actor.shared_inbox_url or actor.inbox_url)
|
||||
continue
|
||||
|
||||
# Fetch the object
|
||||
raw_object = ap.fetch(r)
|
||||
if raw_object.get("type") in ap.ACTOR_TYPES:
|
||||
saved_actor = save_actor(db, raw_object)
|
||||
recipients.add(saved_actor.shared_inbox_url or saved_actor.inbox_url)
|
||||
else:
|
||||
# Assume it's a collection of actors
|
||||
for raw_actor in ap.parse_collection(payload=raw_object):
|
||||
actor = RemoteActor(raw_actor)
|
||||
recipients.add(actor.shared_inbox_url or actor.inbox_url)
|
||||
|
||||
return recipients
|
||||
|
||||
|
||||
def get_inbox_object_by_ap_id(db: Session, ap_id: str) -> models.InboxObject | None:
|
||||
return (
|
||||
db.query(models.InboxObject)
|
||||
.filter(models.InboxObject.ap_id == ap_id)
|
||||
.one_or_none()
|
||||
)
|
||||
|
||||
|
||||
def get_outbox_object_by_ap_id(db: Session, ap_id: str) -> models.OutboxObject | None:
|
||||
return (
|
||||
db.query(models.OutboxObject)
|
||||
.filter(models.OutboxObject.ap_id == ap_id)
|
||||
.one_or_none()
|
||||
)
|
||||
|
||||
|
||||
def _handle_delete_activity(
|
||||
db: Session,
|
||||
from_actor: models.Actor,
|
||||
ap_object_to_delete: models.InboxObject,
|
||||
) -> None:
|
||||
if from_actor.ap_id != ap_object_to_delete.actor.ap_id:
|
||||
logger.warning(
|
||||
"Actor mismatch between the activity and the object: "
|
||||
f"{from_actor.ap_id}/{ap_object_to_delete.actor.ap_id}"
|
||||
)
|
||||
return
|
||||
|
||||
# TODO(ts): do we need to delete related activities? should we keep
|
||||
# bookmarked objects with a deleted flag?
|
||||
logger.info(f"Deleting {ap_object_to_delete.ap_type}/{ap_object_to_delete.ap_id}")
|
||||
db.delete(ap_object_to_delete)
|
||||
db.flush()
|
||||
|
||||
|
||||
def _handle_follow_follow_activity(
|
||||
db: Session,
|
||||
from_actor: models.Actor,
|
||||
inbox_object: models.InboxObject,
|
||||
) -> None:
|
||||
follower = models.Follower(
|
||||
actor_id=from_actor.id,
|
||||
inbox_object_id=inbox_object.id,
|
||||
ap_actor_id=from_actor.ap_id,
|
||||
)
|
||||
try:
|
||||
db.add(follower)
|
||||
db.flush()
|
||||
except IntegrityError:
|
||||
pass # TODO update the existing followe
|
||||
|
||||
# Reply with an Accept
|
||||
reply_id = allocate_outbox_id()
|
||||
reply = {
|
||||
"@context": ap.AS_CTX,
|
||||
"id": outbox_object_id(reply_id),
|
||||
"type": "Accept",
|
||||
"actor": ID,
|
||||
"object": inbox_object.ap_id,
|
||||
}
|
||||
outbox_activity = save_outbox_object(db, reply_id, reply)
|
||||
if not outbox_activity.id:
|
||||
raise ValueError("Should never happen")
|
||||
new_outgoing_activity(db, from_actor.inbox_url, outbox_activity.id)
|
||||
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.NEW_FOLLOWER,
|
||||
actor_id=from_actor.id,
|
||||
)
|
||||
db.add(notif)
|
||||
|
||||
|
||||
def _handle_undo_activity(
|
||||
db: Session,
|
||||
from_actor: models.Actor,
|
||||
undo_activity: models.InboxObject,
|
||||
ap_activity_to_undo: models.InboxObject,
|
||||
) -> None:
|
||||
if from_actor.ap_id != ap_activity_to_undo.actor.ap_id:
|
||||
logger.warning(
|
||||
"Actor mismatch between the activity and the object: "
|
||||
f"{from_actor.ap_id}/{ap_activity_to_undo.actor.ap_id}"
|
||||
)
|
||||
return
|
||||
|
||||
ap_activity_to_undo.undone_by_inbox_object_id = undo_activity.id
|
||||
|
||||
if ap_activity_to_undo.ap_type == "Follow":
|
||||
logger.info(f"Undo follow from {from_actor.ap_id}")
|
||||
db.query(models.Follower).filter(
|
||||
models.Follower.inbox_object_id == ap_activity_to_undo.id
|
||||
).delete()
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.UNFOLLOW,
|
||||
actor_id=from_actor.id,
|
||||
)
|
||||
db.add(notif)
|
||||
|
||||
elif ap_activity_to_undo.ap_type == "Like":
|
||||
if not ap_activity_to_undo.activity_object_ap_id:
|
||||
raise ValueError("Like without object")
|
||||
liked_obj = get_outbox_object_by_ap_id(
|
||||
db,
|
||||
ap_activity_to_undo.activity_object_ap_id,
|
||||
)
|
||||
if not liked_obj:
|
||||
logger.warning(
|
||||
"Cannot find liked object: "
|
||||
f"{ap_activity_to_undo.activity_object_ap_id}"
|
||||
)
|
||||
return
|
||||
|
||||
liked_obj.likes_count = models.OutboxObject.likes_count - 1
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.UNDO_LIKE,
|
||||
actor_id=from_actor.id,
|
||||
outbox_object_id=liked_obj.id,
|
||||
inbox_object_id=ap_activity_to_undo.id,
|
||||
)
|
||||
db.add(notif)
|
||||
|
||||
elif ap_activity_to_undo.ap_type == "Announce":
|
||||
if not ap_activity_to_undo.activity_object_ap_id:
|
||||
raise ValueError("Announce witout object")
|
||||
announced_obj_ap_id = ap_activity_to_undo.activity_object_ap_id
|
||||
logger.info(
|
||||
f"Undo for announce {ap_activity_to_undo.ap_id}/{announced_obj_ap_id}"
|
||||
)
|
||||
if announced_obj_ap_id.startswith(BASE_URL):
|
||||
announced_obj_from_outbox = get_outbox_object_by_ap_id(
|
||||
db, announced_obj_ap_id
|
||||
)
|
||||
if announced_obj_from_outbox:
|
||||
logger.info("Found in the oubox")
|
||||
announced_obj_from_outbox.announces_count = (
|
||||
models.OutboxObject.announces_count - 1
|
||||
)
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.UNDO_ANNOUNCE,
|
||||
actor_id=from_actor.id,
|
||||
outbox_object_id=announced_obj_from_outbox.id,
|
||||
inbox_object_id=ap_activity_to_undo.id,
|
||||
)
|
||||
db.add(notif)
|
||||
|
||||
# FIXME(ts): what to do with ap_activity_to_undo? flag? delete?
|
||||
else:
|
||||
logger.warning(f"Don't know how to undo {ap_activity_to_undo.ap_type} activity")
|
||||
|
||||
# commit will be perfomed in save_to_inbox
|
||||
|
||||
|
||||
def _handle_create_activity(
|
||||
db: Session,
|
||||
from_actor: models.Actor,
|
||||
created_object: models.InboxObject,
|
||||
) -> None:
|
||||
logger.info("Processing Create activity")
|
||||
tags = created_object.ap_object.get("tag")
|
||||
|
||||
if not tags:
|
||||
logger.info("No tags to process")
|
||||
return None
|
||||
|
||||
if not isinstance(tags, list):
|
||||
logger.info(f"Invalid tags: {tags}")
|
||||
return None
|
||||
|
||||
for tag in tags:
|
||||
if tag.get("name") == LOCAL_ACTOR.handle or tag.get("href") == LOCAL_ACTOR.url:
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.MENTION,
|
||||
actor_id=from_actor.id,
|
||||
inbox_object_id=created_object.id,
|
||||
)
|
||||
db.add(notif)
|
||||
|
||||
|
||||
def save_to_inbox(db: Session, raw_object: ap.RawObject) -> None:
|
||||
try:
|
||||
actor = fetch_actor(db, raw_object["actor"])
|
||||
except httpx.HTTPStatusError:
|
||||
logger.exception("Failed to fetch actor")
|
||||
# XXX: Delete 410 when we never seen the actor
|
||||
return
|
||||
|
||||
ap_published_at = now()
|
||||
if "published" in raw_object:
|
||||
ap_published_at = isoparse(raw_object["published"])
|
||||
|
||||
ra = RemoteObject(ap.unwrap_activity(raw_object), actor=actor)
|
||||
relates_to_inbox_object: models.InboxObject | None = None
|
||||
relates_to_outbox_object: models.OutboxObject | None = None
|
||||
if ra.activity_object_ap_id:
|
||||
if ra.activity_object_ap_id.startswith(BASE_URL):
|
||||
relates_to_outbox_object = get_outbox_object_by_ap_id(
|
||||
db,
|
||||
ra.activity_object_ap_id,
|
||||
)
|
||||
else:
|
||||
relates_to_inbox_object = get_inbox_object_by_ap_id(
|
||||
db,
|
||||
ra.activity_object_ap_id,
|
||||
)
|
||||
|
||||
inbox_object = models.InboxObject(
|
||||
server=urlparse(ra.ap_id).netloc,
|
||||
actor_id=actor.id,
|
||||
ap_actor_id=actor.ap_id,
|
||||
ap_type=ra.ap_type,
|
||||
ap_id=ra.ap_id,
|
||||
ap_context=ra.context,
|
||||
ap_published_at=ap_published_at,
|
||||
ap_object=ra.ap_object,
|
||||
visibility=ra.visibility,
|
||||
relates_to_inbox_object_id=relates_to_inbox_object.id
|
||||
if relates_to_inbox_object
|
||||
else None,
|
||||
relates_to_outbox_object_id=relates_to_outbox_object.id
|
||||
if relates_to_outbox_object
|
||||
else None,
|
||||
activity_object_ap_id=ra.activity_object_ap_id,
|
||||
# Hide replies from the stream
|
||||
is_hidden_from_stream=True if ra.in_reply_to else False,
|
||||
)
|
||||
|
||||
db.add(inbox_object)
|
||||
db.flush()
|
||||
db.refresh(inbox_object)
|
||||
|
||||
if ra.ap_type == "Create":
|
||||
_handle_create_activity(db, actor, inbox_object)
|
||||
elif ra.ap_type == "Update":
|
||||
pass
|
||||
elif ra.ap_type == "Delete":
|
||||
if relates_to_inbox_object:
|
||||
_handle_delete_activity(db, actor, relates_to_inbox_object)
|
||||
else:
|
||||
# TODO(ts): handle delete actor
|
||||
logger.info(
|
||||
f"Received a Delete for an unknown object: {ra.activity_object_ap_id}"
|
||||
)
|
||||
elif ra.ap_type == "Follow":
|
||||
_handle_follow_follow_activity(db, actor, inbox_object)
|
||||
elif ra.ap_type == "Undo":
|
||||
if relates_to_inbox_object:
|
||||
_handle_undo_activity(db, actor, inbox_object, relates_to_inbox_object)
|
||||
else:
|
||||
logger.info("Received Undo for an unknown activity")
|
||||
elif ra.ap_type in ["Accept", "Reject"]:
|
||||
if not relates_to_outbox_object:
|
||||
logger.info(
|
||||
f"Received {raw_object['type']} for an unknown activity: "
|
||||
f"{ra.activity_object_ap_id}"
|
||||
)
|
||||
else:
|
||||
if relates_to_outbox_object.ap_type == "Follow":
|
||||
following = models.Following(
|
||||
actor_id=actor.id,
|
||||
outbox_object_id=relates_to_outbox_object.id,
|
||||
ap_actor_id=actor.ap_id,
|
||||
)
|
||||
db.add(following)
|
||||
else:
|
||||
logger.info(
|
||||
"Received an Accept for an unsupported activity: "
|
||||
f"{relates_to_outbox_object.ap_type}"
|
||||
)
|
||||
elif ra.ap_type == "Like":
|
||||
if not relates_to_outbox_object:
|
||||
logger.info(
|
||||
f"Received a like for an unknown activity: {ra.activity_object_ap_id}"
|
||||
)
|
||||
else:
|
||||
relates_to_outbox_object.likes_count = models.OutboxObject.likes_count + 1
|
||||
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.LIKE,
|
||||
actor_id=actor.id,
|
||||
outbox_object_id=relates_to_outbox_object.id,
|
||||
inbox_object_id=inbox_object.id,
|
||||
)
|
||||
db.add(notif)
|
||||
elif raw_object["type"] == "Announce":
|
||||
if relates_to_outbox_object:
|
||||
# This is an announce for a local object
|
||||
relates_to_outbox_object.announces_count = (
|
||||
models.OutboxObject.announces_count + 1
|
||||
)
|
||||
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.ANNOUNCE,
|
||||
actor_id=actor.id,
|
||||
outbox_object_id=relates_to_outbox_object.id,
|
||||
inbox_object_id=inbox_object.id,
|
||||
)
|
||||
db.add(notif)
|
||||
else:
|
||||
# This is announce for a maybe unknown object
|
||||
if relates_to_inbox_object:
|
||||
logger.info("Nothing to do, we already know about this object")
|
||||
else:
|
||||
# Save it as an inbox object
|
||||
if not ra.activity_object_ap_id:
|
||||
raise ValueError("Should never happen")
|
||||
announced_raw_object = ap.fetch(ra.activity_object_ap_id)
|
||||
announced_actor = fetch_actor(db, ap.get_actor_id(announced_raw_object))
|
||||
announced_object = RemoteObject(announced_raw_object, announced_actor)
|
||||
announced_inbox_object = models.InboxObject(
|
||||
server=urlparse(announced_object.ap_id).netloc,
|
||||
actor_id=announced_actor.id,
|
||||
ap_actor_id=announced_actor.ap_id,
|
||||
ap_type=announced_object.ap_type,
|
||||
ap_id=announced_object.ap_id,
|
||||
ap_context=announced_object.context,
|
||||
ap_published_at=announced_object.ap_published_at,
|
||||
ap_object=announced_object.ap_object,
|
||||
visibility=announced_object.visibility,
|
||||
is_hidden_from_stream=True,
|
||||
)
|
||||
db.add(announced_inbox_object)
|
||||
db.flush()
|
||||
inbox_object.relates_to_inbox_object_id = announced_inbox_object.id
|
||||
elif ra.ap_type in ["Like", "Announce"]:
|
||||
if not relates_to_outbox_object:
|
||||
logger.info(
|
||||
f"Received {ra.ap_type} for an unknown activity: "
|
||||
f"{ra.activity_object_ap_id}"
|
||||
)
|
||||
else:
|
||||
if ra.ap_type == "Like":
|
||||
# TODO(ts): notification
|
||||
relates_to_outbox_object.likes_count = (
|
||||
models.OutboxObject.likes_count + 1
|
||||
)
|
||||
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.LIKE,
|
||||
actor_id=actor.id,
|
||||
outbox_object_id=relates_to_outbox_object.id,
|
||||
inbox_object_id=inbox_object.id,
|
||||
)
|
||||
db.add(notif)
|
||||
elif raw_object["type"] == "Announce":
|
||||
# TODO(ts): notification
|
||||
relates_to_outbox_object.announces_count = (
|
||||
models.OutboxObject.announces_count + 1
|
||||
)
|
||||
|
||||
notif = models.Notification(
|
||||
notification_type=models.NotificationType.ANNOUNCE,
|
||||
actor_id=actor.id,
|
||||
outbox_object_id=relates_to_outbox_object.id,
|
||||
inbox_object_id=inbox_object.id,
|
||||
)
|
||||
db.add(notif)
|
||||
else:
|
||||
raise ValueError("Should never happpen")
|
||||
|
||||
else:
|
||||
logger.warning(f"Received an unknown {inbox_object.ap_type} object")
|
||||
|
||||
db.commit()
|
||||
|
||||
|
||||
def public_outbox_objects_count(db: Session) -> int:
|
||||
return (
|
||||
db.query(models.OutboxObject)
|
||||
.filter(
|
||||
models.OutboxObject.visibility == ap.VisibilityEnum.PUBLIC,
|
||||
models.OutboxObject.is_deleted.is_(False),
|
||||
)
|
||||
.count()
|
||||
)
|
||||
|
||||
|
||||
def fetch_collection(db: Session, url: str) -> list[ap.RawObject]:
|
||||
if url.startswith(config.BASE_URL):
|
||||
if url == config.BASE_URL + "/followers":
|
||||
q = db.query(models.Follower).options(joinedload(models.Follower.actor))
|
||||
return [follower.actor.ap_actor for follower in q.all()]
|
||||
else:
|
||||
raise ValueError(f"internal collection for {url}) not supported")
|
||||
|
||||
return ap.parse_collection(url)
|
93
app/config.py
Normal file
93
app/config.py
Normal file
|
@ -0,0 +1,93 @@
|
|||
import os
|
||||
from pathlib import Path
|
||||
|
||||
import bcrypt
|
||||
import pydantic
|
||||
import tomli
|
||||
from fastapi import Form
|
||||
from fastapi import HTTPException
|
||||
from fastapi import Request
|
||||
from itsdangerous import TimedSerializer
|
||||
from itsdangerous import TimestampSigner
|
||||
|
||||
ROOT_DIR = Path().parent.resolve()
|
||||
|
||||
_CONFIG_FILE = os.getenv("MICROBLOGPUB_CONFIG_FILE", "me.toml")
|
||||
|
||||
VERSION = "2.0"
|
||||
USER_AGENT = f"microblogpub/{VERSION}"
|
||||
AP_CONTENT_TYPE = "application/activity+json"
|
||||
|
||||
|
||||
class Config(pydantic.BaseModel):
|
||||
domain: str
|
||||
username: str
|
||||
admin_password: bytes
|
||||
name: str
|
||||
summary: str
|
||||
https: bool
|
||||
icon_url: str
|
||||
secret: str
|
||||
debug: bool = False
|
||||
|
||||
# Config items to make tests easier
|
||||
sqlalchemy_database_url: str | None = None
|
||||
key_path: str | None = None
|
||||
|
||||
|
||||
def load_config() -> Config:
|
||||
try:
|
||||
return Config.parse_obj(
|
||||
tomli.loads((ROOT_DIR / "data" / _CONFIG_FILE).read_text())
|
||||
)
|
||||
except FileNotFoundError:
|
||||
raise ValueError("Please run the configuration wizard")
|
||||
|
||||
|
||||
def is_activitypub_requested(req: Request) -> bool:
|
||||
accept_value = req.headers.get("accept")
|
||||
if not accept_value:
|
||||
return False
|
||||
for val in {
|
||||
"application/ld+json",
|
||||
"application/activity+json",
|
||||
}:
|
||||
if accept_value.startswith(val):
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
|
||||
def verify_password(pwd: str) -> bool:
|
||||
return bcrypt.checkpw(pwd.encode(), CONFIG.admin_password)
|
||||
|
||||
|
||||
CONFIG = load_config()
|
||||
DOMAIN = CONFIG.domain
|
||||
_SCHEME = "https" if CONFIG.https else "http"
|
||||
ID = f"{_SCHEME}://{DOMAIN}"
|
||||
USERNAME = CONFIG.username
|
||||
BASE_URL = ID
|
||||
DEBUG = CONFIG.debug
|
||||
DB_PATH = ROOT_DIR / "data" / "microblogpub.db"
|
||||
SQLALCHEMY_DATABASE_URL = CONFIG.sqlalchemy_database_url or f"sqlite:///{DB_PATH}"
|
||||
KEY_PATH = (
|
||||
(ROOT_DIR / CONFIG.key_path) if CONFIG.key_path else ROOT_DIR / "data" / "key.pem"
|
||||
)
|
||||
|
||||
|
||||
session_serializer = TimedSerializer(CONFIG.secret, salt="microblogpub.login")
|
||||
csrf_signer = TimestampSigner(
|
||||
os.urandom(16).hex(),
|
||||
salt=os.urandom(16).hex(),
|
||||
)
|
||||
|
||||
|
||||
def generate_csrf_token() -> str:
|
||||
return csrf_signer.sign(os.urandom(16).hex()).decode()
|
||||
|
||||
|
||||
def verify_csrf_token(csrf_token: str = Form()) -> None:
|
||||
if not csrf_signer.validate(csrf_token, max_age=600):
|
||||
raise HTTPException(status_code=403, detail="CSRF error")
|
||||
return None
|
29
app/database.py
Normal file
29
app/database.py
Normal file
|
@ -0,0 +1,29 @@
|
|||
import datetime
|
||||
from typing import Any
|
||||
from typing import Generator
|
||||
|
||||
from sqlalchemy import create_engine
|
||||
from sqlalchemy.ext.declarative import declarative_base
|
||||
from sqlalchemy.orm import Session
|
||||
from sqlalchemy.orm import sessionmaker
|
||||
|
||||
from app.config import SQLALCHEMY_DATABASE_URL
|
||||
|
||||
engine = create_engine(
|
||||
SQLALCHEMY_DATABASE_URL, connect_args={"check_same_thread": False}
|
||||
)
|
||||
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
|
||||
|
||||
Base: Any = declarative_base()
|
||||
|
||||
|
||||
def now() -> datetime.datetime:
|
||||
return datetime.datetime.now(datetime.timezone.utc)
|
||||
|
||||
|
||||
def get_db() -> Generator[Session, None, None]:
|
||||
db = SessionLocal()
|
||||
try:
|
||||
yield db
|
||||
finally:
|
||||
db.close()
|
27
app/highlight.py
Normal file
27
app/highlight.py
Normal file
|
@ -0,0 +1,27 @@
|
|||
from functools import lru_cache
|
||||
|
||||
from bs4 import BeautifulSoup # type: ignore
|
||||
from pygments import highlight as phighlight # type: ignore
|
||||
from pygments.formatters import HtmlFormatter # type: ignore
|
||||
from pygments.lexers import guess_lexer # type: ignore
|
||||
|
||||
_FORMATTER = HtmlFormatter(style="vim")
|
||||
|
||||
HIGHLIGHT_CSS = _FORMATTER.get_style_defs()
|
||||
|
||||
|
||||
@lru_cache(256)
|
||||
def highlight(html: str) -> str:
|
||||
soup = BeautifulSoup(html, "html5lib")
|
||||
for code in soup.find_all("code"):
|
||||
if not code.parent.name == "pre":
|
||||
continue
|
||||
lexer = guess_lexer(code.text)
|
||||
tag = BeautifulSoup(
|
||||
phighlight(code.text, lexer, _FORMATTER), "html5lib"
|
||||
).body.next
|
||||
pre = code.parent
|
||||
pre.replaceWith(tag)
|
||||
out = soup.body
|
||||
out.name = "div"
|
||||
return str(out)
|
182
app/httpsig.py
Normal file
182
app/httpsig.py
Normal file
|
@ -0,0 +1,182 @@
|
|||
"""Implements HTTP signature for Flask requests.
|
||||
|
||||
Mastodon instances won't accept requests that are not signed using this scheme.
|
||||
|
||||
"""
|
||||
import base64
|
||||
import hashlib
|
||||
import typing
|
||||
from dataclasses import dataclass
|
||||
from datetime import datetime
|
||||
from functools import lru_cache
|
||||
from typing import Any
|
||||
from typing import Dict
|
||||
from typing import Optional
|
||||
|
||||
import fastapi
|
||||
import httpx
|
||||
from Crypto.Hash import SHA256
|
||||
from Crypto.Signature import PKCS1_v1_5
|
||||
from loguru import logger
|
||||
|
||||
from app import config
|
||||
from app.key import Key
|
||||
from app.key import get_key
|
||||
|
||||
|
||||
def _build_signed_string(
|
||||
signed_headers: str, method: str, path: str, headers: Any, body_digest: str | None
|
||||
) -> str:
|
||||
out = []
|
||||
for signed_header in signed_headers.split(" "):
|
||||
if signed_header == "(request-target)":
|
||||
out.append("(request-target): " + method.lower() + " " + path)
|
||||
elif signed_header == "digest" and body_digest:
|
||||
out.append("digest: " + body_digest)
|
||||
else:
|
||||
out.append(signed_header + ": " + headers[signed_header])
|
||||
return "\n".join(out)
|
||||
|
||||
|
||||
def _parse_sig_header(val: Optional[str]) -> Optional[Dict[str, str]]:
|
||||
if not val:
|
||||
return None
|
||||
out = {}
|
||||
for data in val.split(","):
|
||||
k, v = data.split("=", 1)
|
||||
out[k] = v[1 : len(v) - 1] # noqa: black conflict
|
||||
return out
|
||||
|
||||
|
||||
def _verify_h(signed_string, signature, pubkey):
|
||||
signer = PKCS1_v1_5.new(pubkey)
|
||||
digest = SHA256.new()
|
||||
digest.update(signed_string.encode("utf-8"))
|
||||
return signer.verify(digest, signature)
|
||||
|
||||
|
||||
def _body_digest(body: bytes) -> str:
|
||||
h = hashlib.new("sha256")
|
||||
h.update(body) # type: ignore
|
||||
return "SHA-256=" + base64.b64encode(h.digest()).decode("utf-8")
|
||||
|
||||
|
||||
@lru_cache(32)
|
||||
def _get_public_key(key_id: str) -> Key:
|
||||
from app import activitypub as ap
|
||||
|
||||
actor = ap.fetch(key_id)
|
||||
if actor["type"] == "Key":
|
||||
# The Key is not embedded in the Person
|
||||
k = Key(actor["owner"], actor["id"])
|
||||
k.load_pub(actor["publicKeyPem"])
|
||||
else:
|
||||
k = Key(actor["id"], actor["publicKey"]["id"])
|
||||
k.load_pub(actor["publicKey"]["publicKeyPem"])
|
||||
|
||||
# Ensure the right key was fetch
|
||||
if key_id != k.key_id():
|
||||
raise ValueError(
|
||||
f"failed to fetch requested key {key_id}: got {actor['publicKey']['id']}"
|
||||
)
|
||||
|
||||
return k
|
||||
|
||||
|
||||
@dataclass(frozen=True)
|
||||
class HTTPSigInfo:
|
||||
has_valid_signature: bool
|
||||
signed_by_ap_actor_id: str | None = None
|
||||
|
||||
|
||||
async def httpsig_checker(
|
||||
request: fastapi.Request,
|
||||
) -> HTTPSigInfo:
|
||||
body = await request.body()
|
||||
|
||||
hsig = _parse_sig_header(request.headers.get("Signature"))
|
||||
if not hsig:
|
||||
logger.info("No HTTP signature found")
|
||||
return HTTPSigInfo(has_valid_signature=False)
|
||||
|
||||
logger.debug(f"hsig={hsig}")
|
||||
signed_string = _build_signed_string(
|
||||
hsig["headers"],
|
||||
request.method,
|
||||
request.url.path,
|
||||
request.headers,
|
||||
_body_digest(body) if body else None,
|
||||
)
|
||||
|
||||
try:
|
||||
k = _get_public_key(hsig["keyId"])
|
||||
except Exception:
|
||||
logger.exception(f'Failed to fetch HTTP sig key {hsig["keyId"]}')
|
||||
return HTTPSigInfo(has_valid_signature=False)
|
||||
|
||||
httpsig_info = HTTPSigInfo(
|
||||
has_valid_signature=_verify_h(
|
||||
signed_string, base64.b64decode(hsig["signature"]), k.pubkey
|
||||
),
|
||||
signed_by_ap_actor_id=k.owner,
|
||||
)
|
||||
logger.info(f"Valid HTTP signature for {httpsig_info.signed_by_ap_actor_id}")
|
||||
return httpsig_info
|
||||
|
||||
|
||||
async def enforce_httpsig(
|
||||
request: fastapi.Request,
|
||||
httpsig_info: HTTPSigInfo = fastapi.Depends(httpsig_checker),
|
||||
) -> HTTPSigInfo:
|
||||
if not httpsig_info.has_valid_signature:
|
||||
logger.warning(f"Invalid HTTP sig {httpsig_info=}")
|
||||
body = await request.body()
|
||||
logger.info(f"{body=}")
|
||||
raise fastapi.HTTPException(status_code=401, detail="Invalid HTTP sig")
|
||||
|
||||
return httpsig_info
|
||||
|
||||
|
||||
class HTTPXSigAuth(httpx.Auth):
|
||||
def __init__(self, key: Key) -> None:
|
||||
self.key = key
|
||||
|
||||
def auth_flow(
|
||||
self, r: httpx.Request
|
||||
) -> typing.Generator[httpx.Request, httpx.Response, None]:
|
||||
logger.info(f"keyid={self.key.key_id()}")
|
||||
|
||||
bodydigest = None
|
||||
if r.content:
|
||||
bh = hashlib.new("sha256")
|
||||
bh.update(r.content)
|
||||
bodydigest = "SHA-256=" + base64.b64encode(bh.digest()).decode("utf-8")
|
||||
|
||||
date = datetime.utcnow().strftime("%a, %d %b %Y %H:%M:%S GMT")
|
||||
r.headers["Date"] = date
|
||||
if bodydigest:
|
||||
r.headers["Digest"] = bodydigest
|
||||
sigheaders = "(request-target) user-agent host date digest content-type"
|
||||
else:
|
||||
sigheaders = "(request-target) user-agent host date accept"
|
||||
|
||||
to_be_signed = _build_signed_string(
|
||||
sigheaders, r.method, r.url.path, r.headers, bodydigest
|
||||
)
|
||||
if not self.key.privkey:
|
||||
raise ValueError("Should never happen")
|
||||
signer = PKCS1_v1_5.new(self.key.privkey)
|
||||
digest = SHA256.new()
|
||||
digest.update(to_be_signed.encode("utf-8"))
|
||||
sig = base64.b64encode(signer.sign(digest)).decode()
|
||||
|
||||
key_id = self.key.key_id()
|
||||
sig_value = f'keyId="{key_id}",algorithm="rsa-sha256",headers="{sigheaders}",signature="{sig}"' # noqa: E501
|
||||
logger.debug(f"signed request {sig_value=}")
|
||||
r.headers["Signature"] = sig_value
|
||||
yield r
|
||||
|
||||
|
||||
k = Key(config.ID, f"{config.ID}#main-key")
|
||||
k.load(get_key())
|
||||
auth = HTTPXSigAuth(k)
|
84
app/key.py
Normal file
84
app/key.py
Normal file
|
@ -0,0 +1,84 @@
|
|||
import base64
|
||||
from typing import Any
|
||||
|
||||
from Crypto.PublicKey import RSA
|
||||
from Crypto.Util import number
|
||||
|
||||
from app.config import KEY_PATH
|
||||
|
||||
|
||||
def key_exists() -> bool:
|
||||
return KEY_PATH.exists()
|
||||
|
||||
|
||||
def generate_key() -> None:
|
||||
if key_exists():
|
||||
raise ValueError(f"Key at {KEY_PATH} already exists")
|
||||
k = RSA.generate(2048)
|
||||
privkey_pem = k.exportKey("PEM").decode("utf-8")
|
||||
KEY_PATH.write_text(privkey_pem)
|
||||
|
||||
|
||||
def get_pubkey_as_pem() -> str:
|
||||
text = KEY_PATH.read_text()
|
||||
return RSA.import_key(text).public_key().export_key("PEM").decode("utf-8")
|
||||
|
||||
|
||||
def get_key() -> str:
|
||||
return KEY_PATH.read_text()
|
||||
|
||||
|
||||
class Key(object):
|
||||
DEFAULT_KEY_SIZE = 2048
|
||||
|
||||
def __init__(self, owner: str, id_: str | None = None) -> None:
|
||||
self.owner = owner
|
||||
self.privkey_pem: str | None = None
|
||||
self.pubkey_pem: str | None = None
|
||||
self.privkey: RSA.RsaKey | None = None
|
||||
self.pubkey: RSA.RsaKey | None = None
|
||||
self.id_ = id_
|
||||
|
||||
def load_pub(self, pubkey_pem: str) -> None:
|
||||
self.pubkey_pem = pubkey_pem
|
||||
self.pubkey = RSA.importKey(pubkey_pem)
|
||||
|
||||
def load(self, privkey_pem: str) -> None:
|
||||
self.privkey_pem = privkey_pem
|
||||
self.privkey = RSA.importKey(self.privkey_pem)
|
||||
self.pubkey_pem = self.privkey.publickey().exportKey("PEM").decode("utf-8")
|
||||
|
||||
def new(self) -> None:
|
||||
k = RSA.generate(self.DEFAULT_KEY_SIZE)
|
||||
self.privkey_pem = k.exportKey("PEM").decode("utf-8")
|
||||
self.pubkey_pem = k.publickey().exportKey("PEM").decode("utf-8")
|
||||
self.privkey = k
|
||||
|
||||
def key_id(self) -> str:
|
||||
return self.id_ or f"{self.owner}#main-key"
|
||||
|
||||
def to_dict(self) -> dict[str, Any]:
|
||||
return {
|
||||
"id": self.key_id(),
|
||||
"owner": self.owner,
|
||||
"publicKeyPem": self.pubkey_pem,
|
||||
"type": "Key",
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def from_dict(cls, data):
|
||||
try:
|
||||
k = cls(data["owner"], data["id"])
|
||||
k.load_pub(data["publicKeyPem"])
|
||||
except KeyError:
|
||||
raise ValueError(f"bad key data {data!r}")
|
||||
return k
|
||||
|
||||
def to_magic_key(self) -> str:
|
||||
mod = base64.urlsafe_b64encode(
|
||||
number.long_to_bytes(self.privkey.n) # type: ignore
|
||||
).decode("utf-8")
|
||||
pubexp = base64.urlsafe_b64encode(
|
||||
number.long_to_bytes(self.privkey.e) # type: ignore
|
||||
).decode("utf-8")
|
||||
return f"data:application/magic-public-key,RSA.{mod}.{pubexp}"
|
40
app/lookup.py
Normal file
40
app/lookup.py
Normal file
|
@ -0,0 +1,40 @@
|
|||
import mf2py # type: ignore
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import webfinger
|
||||
from app.actor import Actor
|
||||
from app.actor import fetch_actor
|
||||
from app.ap_object import RemoteObject
|
||||
|
||||
|
||||
def lookup(db: Session, query: str) -> Actor | RemoteObject:
|
||||
if query.startswith("@"):
|
||||
query = webfinger.get_actor_url(query) # type: ignore # None check below
|
||||
|
||||
if not query:
|
||||
raise ap.NotAnObjectError(query)
|
||||
|
||||
try:
|
||||
ap_obj = ap.fetch(query)
|
||||
except ap.NotAnObjectError as not_an_object_error:
|
||||
resp = not_an_object_error.resp
|
||||
if not resp:
|
||||
raise ap.NotAnObjectError(query)
|
||||
|
||||
alternate_obj = None
|
||||
if resp.headers.get("content-type", "").startswith("text/html"):
|
||||
for alternate in mf2py.parse(doc=resp.text).get("alternates", []):
|
||||
if alternate.get("type") == "application/activity+json":
|
||||
alternate_obj = ap.fetch(alternate["url"])
|
||||
|
||||
if alternate_obj:
|
||||
ap_obj = alternate_obj
|
||||
else:
|
||||
raise
|
||||
|
||||
if ap_obj["type"] in ap.ACTOR_TYPES:
|
||||
actor = fetch_actor(db, ap_obj["id"])
|
||||
return actor
|
||||
else:
|
||||
return RemoteObject(ap_obj)
|
558
app/main.py
Normal file
558
app/main.py
Normal file
|
@ -0,0 +1,558 @@
|
|||
import base64
|
||||
import os
|
||||
import sys
|
||||
import time
|
||||
from datetime import datetime
|
||||
from typing import Any
|
||||
from typing import Type
|
||||
|
||||
import httpx
|
||||
from dateutil.parser import isoparse
|
||||
from fastapi import Depends
|
||||
from fastapi import FastAPI
|
||||
from fastapi import Request
|
||||
from fastapi import Response
|
||||
from fastapi.exceptions import HTTPException
|
||||
from fastapi.responses import PlainTextResponse
|
||||
from fastapi.responses import StreamingResponse
|
||||
from fastapi.staticfiles import StaticFiles
|
||||
from loguru import logger
|
||||
from sqlalchemy.orm import Session
|
||||
from sqlalchemy.orm import joinedload
|
||||
from starlette.background import BackgroundTask
|
||||
from starlette.responses import JSONResponse
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import admin
|
||||
from app import config
|
||||
from app import httpsig
|
||||
from app import models
|
||||
from app import templates
|
||||
from app.actor import LOCAL_ACTOR
|
||||
from app.actor import get_actors_metadata
|
||||
from app.boxes import public_outbox_objects_count
|
||||
from app.boxes import save_to_inbox
|
||||
from app.config import BASE_URL
|
||||
from app.config import DEBUG
|
||||
from app.config import DOMAIN
|
||||
from app.config import ID
|
||||
from app.config import USER_AGENT
|
||||
from app.config import USERNAME
|
||||
from app.config import is_activitypub_requested
|
||||
from app.database import get_db
|
||||
from app.templates import is_current_user_admin
|
||||
|
||||
# TODO(ts):
|
||||
#
|
||||
# Next:
|
||||
# - show likes/announces counter for outbox activities
|
||||
# - update actor support
|
||||
# - replies support
|
||||
# - file upload + place/exif extraction (or not) support
|
||||
# - custom emoji support
|
||||
# - hash config/profile to detect when to send Update actor
|
||||
#
|
||||
# - [ ] block support
|
||||
# - [ ] make the media proxy authenticated
|
||||
# - [ ] prevent SSRF (urlutils from little-boxes)
|
||||
# - [ ] Dockerization
|
||||
# - [ ] Webmentions
|
||||
# - [ ] custom emoji
|
||||
# - [ ] poll/questions support
|
||||
# - [ ] cleanup tasks
|
||||
# - notifs:
|
||||
# - MENTIONED
|
||||
# - LIKED
|
||||
# - ANNOUNCED
|
||||
# - FOLLOWED
|
||||
# - UNFOLLOWED
|
||||
# - POLL_ENDED
|
||||
|
||||
app = FastAPI(docs_url=None, redoc_url=None)
|
||||
app.mount("/static", StaticFiles(directory="app/static"), name="static")
|
||||
app.include_router(admin.router, prefix="/admin")
|
||||
app.include_router(admin.unauthenticated_router, prefix="/admin")
|
||||
|
||||
logger.configure(extra={"request_id": "no_req_id"})
|
||||
logger.remove()
|
||||
logger_format = (
|
||||
"<green>{time:YYYY-MM-DD HH:mm:ss.SSS}</green> | "
|
||||
"<level>{level: <8}</level> | "
|
||||
"<cyan>{name}</cyan>:<cyan>{function}</cyan>:<cyan>{line}</cyan> | "
|
||||
"{extra[request_id]} - <level>{message}</level>"
|
||||
)
|
||||
logger.add(sys.stdout, format=logger_format)
|
||||
|
||||
|
||||
@app.middleware("http")
|
||||
async def request_middleware(request, call_next):
|
||||
start_time = time.perf_counter()
|
||||
request_id = os.urandom(8).hex()
|
||||
with logger.contextualize(request_id=request_id):
|
||||
logger.info(
|
||||
f"{request.client.host}:{request.client.port} - "
|
||||
f"{request.method} {request.url}"
|
||||
)
|
||||
try:
|
||||
response = await call_next(request)
|
||||
response.headers["X-Request-ID"] = request_id
|
||||
response.headers["Server"] = "microblogpub"
|
||||
elapsed_time = time.perf_counter() - start_time
|
||||
logger.info(f"status_code={response.status_code} {elapsed_time=:.2f}s")
|
||||
return response
|
||||
except Exception:
|
||||
logger.exception("Request failed")
|
||||
raise
|
||||
|
||||
|
||||
@app.middleware("http")
|
||||
async def add_security_headers(request: Request, call_next):
|
||||
response = await call_next(request)
|
||||
response.headers["referrer-policy"] = "no-referrer, strict-origin-when-cross-origin"
|
||||
response.headers["x-content-type-options"] = "nosniff"
|
||||
response.headers["x-xss-protection"] = "1; mode=block"
|
||||
response.headers["x-frame-options"] = "SAMEORIGIN"
|
||||
# TODO(ts): disallow inline CSS?
|
||||
response.headers["content-security-policy"] = (
|
||||
"default-src 'self'" + " style-src 'self' 'unsafe-inline';"
|
||||
)
|
||||
if not DEBUG:
|
||||
response.headers[
|
||||
"strict-transport-security"
|
||||
] = "max-age=63072000; includeSubdomains"
|
||||
return response
|
||||
|
||||
|
||||
DEFAULT_CTX = COLLECTION_CTX = [
|
||||
"https://www.w3.org/ns/activitystreams",
|
||||
"https://w3id.org/security/v1",
|
||||
{
|
||||
# AS ext
|
||||
"Hashtag": "as:Hashtag",
|
||||
"sensitive": "as:sensitive",
|
||||
"manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
|
||||
# toot
|
||||
"toot": "http://joinmastodon.org/ns#",
|
||||
# "featured": "toot:featured",
|
||||
# schema
|
||||
"schema": "http://schema.org#",
|
||||
"PropertyValue": "schema:PropertyValue",
|
||||
"value": "schema:value",
|
||||
},
|
||||
]
|
||||
|
||||
|
||||
class ActivityPubResponse(JSONResponse):
|
||||
media_type = "application/activity+json"
|
||||
|
||||
|
||||
@app.get("/")
|
||||
def index(
|
||||
request: Request,
|
||||
db: Session = Depends(get_db),
|
||||
_: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
|
||||
) -> templates.TemplateResponse | ActivityPubResponse:
|
||||
if is_activitypub_requested(request):
|
||||
return ActivityPubResponse(LOCAL_ACTOR.ap_actor)
|
||||
|
||||
outbox_objects = (
|
||||
db.query(models.OutboxObject)
|
||||
.filter(
|
||||
models.OutboxObject.visibility == ap.VisibilityEnum.PUBLIC,
|
||||
models.OutboxObject.is_deleted.is_(False),
|
||||
models.OutboxObject.is_hidden_from_homepage.is_(False),
|
||||
)
|
||||
.order_by(models.OutboxObject.ap_published_at.desc())
|
||||
.limit(20)
|
||||
.all()
|
||||
)
|
||||
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"index.html",
|
||||
{"request": request, "objects": outbox_objects},
|
||||
)
|
||||
|
||||
|
||||
def _build_followx_collection(
|
||||
db: Session,
|
||||
model_cls: Type[models.Following | models.Follower],
|
||||
path: str,
|
||||
page: bool | None,
|
||||
next_cursor: str | None,
|
||||
) -> ap.RawObject:
|
||||
total_items = db.query(model_cls).count()
|
||||
|
||||
if not page and not next_cursor:
|
||||
return {
|
||||
"@context": ap.AS_CTX,
|
||||
"id": ID + path,
|
||||
"first": ID + path + "?page=true",
|
||||
"type": "OrderedCollection",
|
||||
"totalItems": total_items,
|
||||
}
|
||||
|
||||
q = db.query(model_cls).order_by(model_cls.created_at.desc()) # type: ignore
|
||||
if next_cursor:
|
||||
q = q.filter(model_cls.created_at < _decode_cursor(next_cursor)) # type: ignore
|
||||
q = q.limit(20)
|
||||
|
||||
items = [followx for followx in q.all()]
|
||||
next_cursor = None
|
||||
if (
|
||||
items
|
||||
and db.query(model_cls)
|
||||
.filter(model_cls.created_at < items[-1].created_at)
|
||||
.count()
|
||||
> 0
|
||||
):
|
||||
next_cursor = _encode_cursor(items[-1].created_at)
|
||||
|
||||
collection_page = {
|
||||
"@context": ap.AS_CTX,
|
||||
"id": (
|
||||
ID + path + "?page=true"
|
||||
if not next_cursor
|
||||
else ID + path + f"?next_cursor={next_cursor}"
|
||||
),
|
||||
"partOf": ID + path,
|
||||
"type": "OrderedCollectionPage",
|
||||
"orderedItems": [item.ap_actor_id for item in items],
|
||||
}
|
||||
if next_cursor:
|
||||
collection_page["next"] = ID + path + f"?next_cursor={next_cursor}"
|
||||
|
||||
return collection_page
|
||||
|
||||
|
||||
def _encode_cursor(val: datetime) -> str:
|
||||
return base64.urlsafe_b64encode(val.isoformat().encode()).decode()
|
||||
|
||||
|
||||
def _decode_cursor(cursor: str) -> datetime:
|
||||
return isoparse(base64.urlsafe_b64decode(cursor).decode())
|
||||
|
||||
|
||||
@app.get("/followers")
|
||||
def followers(
|
||||
request: Request,
|
||||
page: bool | None = None,
|
||||
next_cursor: str | None = None,
|
||||
prev_cursor: str | None = None,
|
||||
db: Session = Depends(get_db),
|
||||
_: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
|
||||
) -> ActivityPubResponse | templates.TemplateResponse:
|
||||
if is_activitypub_requested(request):
|
||||
return ActivityPubResponse(
|
||||
_build_followx_collection(
|
||||
db=db,
|
||||
model_cls=models.Follower,
|
||||
path="/followers",
|
||||
page=page,
|
||||
next_cursor=next_cursor,
|
||||
)
|
||||
)
|
||||
|
||||
followers = (
|
||||
db.query(models.Follower)
|
||||
.options(joinedload(models.Follower.actor))
|
||||
.order_by(models.Follower.created_at.desc())
|
||||
.limit(20)
|
||||
.all()
|
||||
)
|
||||
|
||||
# TODO: support next_cursor/prev_cursor
|
||||
actors_metadata = {}
|
||||
if is_current_user_admin(request):
|
||||
actors_metadata = get_actors_metadata(
|
||||
db,
|
||||
[f.actor for f in followers],
|
||||
)
|
||||
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"followers.html",
|
||||
{
|
||||
"followers": followers,
|
||||
"actors_metadata": actors_metadata,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
@app.get("/following")
|
||||
def following(
|
||||
request: Request,
|
||||
page: bool | None = None,
|
||||
next_cursor: str | None = None,
|
||||
prev_cursor: str | None = None,
|
||||
db: Session = Depends(get_db),
|
||||
_: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
|
||||
) -> ActivityPubResponse | templates.TemplateResponse:
|
||||
if is_activitypub_requested(request):
|
||||
return ActivityPubResponse(
|
||||
_build_followx_collection(
|
||||
db=db,
|
||||
model_cls=models.Following,
|
||||
path="/following",
|
||||
page=page,
|
||||
next_cursor=next_cursor,
|
||||
)
|
||||
)
|
||||
|
||||
q = (
|
||||
db.query(models.Following)
|
||||
.options(joinedload(models.Following.actor))
|
||||
.order_by(models.Following.created_at.desc())
|
||||
.limit(20)
|
||||
)
|
||||
following = q.all()
|
||||
|
||||
# TODO: support next_cursor/prev_cursor
|
||||
actors_metadata = {}
|
||||
if is_current_user_admin(request):
|
||||
actors_metadata = get_actors_metadata(
|
||||
db,
|
||||
[f.actor for f in following],
|
||||
)
|
||||
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"following.html",
|
||||
{
|
||||
"following": following,
|
||||
"actors_metadata": actors_metadata,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
@app.get("/outbox")
|
||||
def outbox(
|
||||
db: Session = Depends(get_db),
|
||||
_: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
|
||||
) -> ActivityPubResponse:
|
||||
outbox_objects = (
|
||||
db.query(models.OutboxObject)
|
||||
.filter(
|
||||
models.OutboxObject.visibility == ap.VisibilityEnum.PUBLIC,
|
||||
models.OutboxObject.is_deleted.is_(False),
|
||||
)
|
||||
.order_by(models.OutboxObject.ap_published_at.desc())
|
||||
.limit(20)
|
||||
.all()
|
||||
)
|
||||
return ActivityPubResponse(
|
||||
{
|
||||
"@context": DEFAULT_CTX,
|
||||
"id": f"{ID}/outbox",
|
||||
"type": "OrderedCollection",
|
||||
"totalItems": len(outbox_objects),
|
||||
"orderedItems": [
|
||||
ap.remove_context(ap.wrap_object_if_needed(a.ap_object))
|
||||
for a in outbox_objects
|
||||
],
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@app.get("/o/{public_id}")
|
||||
def outbox_by_public_id(
|
||||
public_id: str,
|
||||
request: Request,
|
||||
db: Session = Depends(get_db),
|
||||
_: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
|
||||
) -> ActivityPubResponse | templates.TemplateResponse:
|
||||
# TODO: ACL?
|
||||
maybe_object = (
|
||||
db.query(models.OutboxObject)
|
||||
.filter(
|
||||
models.OutboxObject.public_id == public_id,
|
||||
# models.OutboxObject.is_deleted.is_(False),
|
||||
)
|
||||
.one_or_none()
|
||||
)
|
||||
if not maybe_object:
|
||||
raise HTTPException(status_code=404)
|
||||
#
|
||||
if is_activitypub_requested(request):
|
||||
return ActivityPubResponse(maybe_object.ap_object)
|
||||
|
||||
return templates.render_template(
|
||||
db,
|
||||
request,
|
||||
"object.html",
|
||||
{
|
||||
"outbox_object": maybe_object,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
@app.get("/o/{public_id}/activity")
|
||||
def outbox_activity_by_public_id(
|
||||
public_id: str,
|
||||
db: Session = Depends(get_db),
|
||||
_: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
|
||||
) -> ActivityPubResponse:
|
||||
# TODO: ACL?
|
||||
maybe_object = (
|
||||
db.query(models.OutboxObject)
|
||||
.filter(models.OutboxObject.public_id == public_id)
|
||||
.one_or_none()
|
||||
)
|
||||
if not maybe_object:
|
||||
raise HTTPException(status_code=404)
|
||||
|
||||
return ActivityPubResponse(ap.wrap_object(maybe_object.ap_object))
|
||||
|
||||
|
||||
@app.get("/t/{tag}")
|
||||
def tag_by_name(
|
||||
tag: str,
|
||||
request: Request,
|
||||
db: Session = Depends(get_db),
|
||||
_: httpsig.HTTPSigInfo = Depends(httpsig.httpsig_checker),
|
||||
) -> ActivityPubResponse | templates.TemplateResponse:
|
||||
# TODO(ts): implement HTML version
|
||||
# if is_activitypub_requested(request):
|
||||
return ActivityPubResponse(
|
||||
{
|
||||
"@context": ap.AS_CTX,
|
||||
"id": BASE_URL + f"/t/{tag}",
|
||||
"type": "OrderedCollection",
|
||||
"totalItems": 0,
|
||||
"orderedItems": [],
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@app.post("/inbox")
|
||||
async def inbox(
|
||||
request: Request,
|
||||
db: Session = Depends(get_db),
|
||||
httpsig_info: httpsig.HTTPSigInfo = Depends(httpsig.enforce_httpsig),
|
||||
) -> Response:
|
||||
logger.info(f"headers={request.headers}")
|
||||
payload = await request.json()
|
||||
logger.info(f"{payload=}")
|
||||
save_to_inbox(db, payload)
|
||||
return Response(status_code=204)
|
||||
|
||||
|
||||
@app.get("/.well-known/webfinger")
|
||||
def wellknown_webfinger(resource: str) -> JSONResponse:
|
||||
"""Exposes/servers WebFinger data."""
|
||||
if resource not in [f"acct:{USERNAME}@{DOMAIN}", ID]:
|
||||
raise HTTPException(status_code=404)
|
||||
|
||||
out = {
|
||||
"subject": f"acct:{USERNAME}@{DOMAIN}",
|
||||
"aliases": [ID],
|
||||
"links": [
|
||||
{
|
||||
"rel": "http://webfinger.net/rel/profile-page",
|
||||
"type": "text/html",
|
||||
"href": ID,
|
||||
},
|
||||
{"rel": "self", "type": "application/activity+json", "href": ID},
|
||||
{
|
||||
"rel": "http://ostatus.org/schema/1.0/subscribe",
|
||||
"template": DOMAIN + "/authorize_interaction?uri={uri}",
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
return JSONResponse(out, media_type="application/jrd+json; charset=utf-8")
|
||||
|
||||
|
||||
@app.get("/.well-known/nodeinfo")
|
||||
async def well_known_nodeinfo() -> dict[str, Any]:
|
||||
return {
|
||||
"links": [
|
||||
{
|
||||
"rel": "http://nodeinfo.diaspora.software/ns/schema/2.1",
|
||||
"href": f"{BASE_URL}/nodeinfo",
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
@app.get("/nodeinfo")
|
||||
def nodeinfo(
|
||||
db: Session = Depends(get_db),
|
||||
):
|
||||
local_posts = public_outbox_objects_count(db)
|
||||
return JSONResponse(
|
||||
{
|
||||
"version": "2.1",
|
||||
"software": {
|
||||
"name": "microblogpub",
|
||||
"version": config.VERSION,
|
||||
"repository": "https://github.com/tsileo/microblog.pub",
|
||||
},
|
||||
"protocols": ["activitypub"],
|
||||
"services": {"inbound": [], "outbound": []},
|
||||
"openRegistrations": False,
|
||||
"usage": {"users": {"total": 1}, "localPosts": local_posts},
|
||||
"metadata": {
|
||||
"nodeName": LOCAL_ACTOR.handle,
|
||||
},
|
||||
},
|
||||
media_type=(
|
||||
"application/json; "
|
||||
"profile=http://nodeinfo.diaspora.software/ns/schema/2.1#"
|
||||
),
|
||||
)
|
||||
|
||||
|
||||
proxy_client = httpx.AsyncClient()
|
||||
|
||||
|
||||
@app.get("/proxy/media/{encoded_url}")
|
||||
async def serve_proxy_media(request: Request, encoded_url: str) -> StreamingResponse:
|
||||
# Decode the base64-encoded URL
|
||||
url = base64.urlsafe_b64decode(encoded_url).decode()
|
||||
# Request the URL (and filter request headers)
|
||||
proxy_req = proxy_client.build_request(
|
||||
request.method,
|
||||
url,
|
||||
headers=[
|
||||
(k, v)
|
||||
for (k, v) in request.headers.raw
|
||||
if k.lower()
|
||||
not in [b"host", b"cookie", b"x-forwarded-for", b"x-real-ip", b"user-agent"]
|
||||
]
|
||||
+ [(b"user-agent", USER_AGENT.encode())],
|
||||
)
|
||||
proxy_resp = await proxy_client.send(proxy_req, stream=True)
|
||||
# Filter the headers
|
||||
proxy_resp_headers = [
|
||||
(k, v)
|
||||
for (k, v) in proxy_resp.headers.items()
|
||||
if k.lower()
|
||||
in [
|
||||
"content-length",
|
||||
"content-type",
|
||||
"content-range",
|
||||
"accept-ranges" "etag",
|
||||
"cache-control",
|
||||
"expires",
|
||||
"date",
|
||||
"last-modified",
|
||||
]
|
||||
]
|
||||
return StreamingResponse(
|
||||
proxy_resp.aiter_raw(),
|
||||
status_code=proxy_resp.status_code,
|
||||
headers=dict(proxy_resp_headers),
|
||||
background=BackgroundTask(proxy_resp.aclose),
|
||||
)
|
||||
|
||||
|
||||
@app.get("/robots.txt", response_class=PlainTextResponse)
|
||||
async def robots_file():
|
||||
return """User-agent: *
|
||||
Disallow: /followers
|
||||
Disallow: /following
|
||||
Disallow: /admin"""
|
288
app/models.py
Normal file
288
app/models.py
Normal file
|
@ -0,0 +1,288 @@
|
|||
import enum
|
||||
from typing import Any
|
||||
from typing import Optional
|
||||
|
||||
from sqlalchemy import JSON
|
||||
from sqlalchemy import Boolean
|
||||
from sqlalchemy import Column
|
||||
from sqlalchemy import DateTime
|
||||
from sqlalchemy import Enum
|
||||
from sqlalchemy import ForeignKey
|
||||
from sqlalchemy import Integer
|
||||
from sqlalchemy import String
|
||||
from sqlalchemy import UniqueConstraint
|
||||
from sqlalchemy.orm import Mapped
|
||||
from sqlalchemy.orm import relationship
|
||||
|
||||
from app import activitypub as ap
|
||||
from app.actor import LOCAL_ACTOR
|
||||
from app.actor import Actor as BaseActor
|
||||
from app.ap_object import Object as BaseObject
|
||||
from app.database import Base
|
||||
from app.database import now
|
||||
|
||||
|
||||
class Actor(Base, BaseActor):
|
||||
__tablename__ = "actors"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
|
||||
ap_id = Column(String, unique=True, nullable=False, index=True)
|
||||
ap_actor: Mapped[ap.RawObject] = Column(JSON, nullable=False)
|
||||
ap_type = Column(String, nullable=False)
|
||||
|
||||
handle = Column(String, nullable=True, index=True)
|
||||
|
||||
@property
|
||||
def is_from_db(self) -> bool:
|
||||
return True
|
||||
|
||||
|
||||
class InboxObject(Base, BaseObject):
|
||||
__tablename__ = "inbox"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
|
||||
actor_id = Column(Integer, ForeignKey("actors.id"), nullable=False)
|
||||
actor: Mapped[Actor] = relationship(Actor, uselist=False)
|
||||
|
||||
server = Column(String, nullable=False)
|
||||
|
||||
is_hidden_from_stream = Column(Boolean, nullable=False, default=False)
|
||||
|
||||
ap_actor_id = Column(String, nullable=False)
|
||||
ap_type = Column(String, nullable=False)
|
||||
ap_id = Column(String, nullable=False, unique=True, index=True)
|
||||
ap_context = Column(String, nullable=True)
|
||||
ap_published_at = Column(DateTime(timezone=True), nullable=False)
|
||||
ap_object: Mapped[ap.RawObject] = Column(JSON, nullable=False)
|
||||
|
||||
activity_object_ap_id = Column(String, nullable=True)
|
||||
|
||||
visibility = Column(Enum(ap.VisibilityEnum), nullable=False)
|
||||
|
||||
# Used for Like, Announce and Undo activities
|
||||
relates_to_inbox_object_id = Column(
|
||||
Integer,
|
||||
ForeignKey("inbox.id"),
|
||||
nullable=True,
|
||||
)
|
||||
relates_to_inbox_object: Mapped[Optional["InboxObject"]] = relationship(
|
||||
"InboxObject",
|
||||
foreign_keys=relates_to_inbox_object_id,
|
||||
remote_side=id,
|
||||
uselist=False,
|
||||
)
|
||||
relates_to_outbox_object_id = Column(
|
||||
Integer,
|
||||
ForeignKey("outbox.id"),
|
||||
nullable=True,
|
||||
)
|
||||
relates_to_outbox_object: Mapped[Optional["OutboxObject"]] = relationship(
|
||||
"OutboxObject",
|
||||
foreign_keys=[relates_to_outbox_object_id],
|
||||
uselist=False,
|
||||
)
|
||||
|
||||
undone_by_inbox_object_id = Column(Integer, ForeignKey("inbox.id"), nullable=True)
|
||||
|
||||
# Link the oubox AP ID to allow undo without any extra query
|
||||
liked_via_outbox_object_ap_id = Column(String, nullable=True)
|
||||
announced_via_outbox_object_ap_id = Column(String, nullable=True)
|
||||
|
||||
is_bookmarked = Column(Boolean, nullable=False, default=False)
|
||||
|
||||
# FIXME(ts): do we need this?
|
||||
has_replies = Column(Boolean, nullable=False, default=False)
|
||||
|
||||
og_meta: Mapped[list[dict[str, Any]] | None] = Column(JSON, nullable=True)
|
||||
|
||||
|
||||
class OutboxObject(Base, BaseObject):
|
||||
__tablename__ = "outbox"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
|
||||
is_hidden_from_homepage = Column(Boolean, nullable=False, default=False)
|
||||
|
||||
public_id = Column(String, nullable=False, index=True)
|
||||
|
||||
ap_type = Column(String, nullable=False)
|
||||
ap_id = Column(String, nullable=False, unique=True, index=True)
|
||||
ap_context = Column(String, nullable=True)
|
||||
ap_object: Mapped[ap.RawObject] = Column(JSON, nullable=False)
|
||||
|
||||
activity_object_ap_id = Column(String, nullable=True)
|
||||
|
||||
# Source content for activities (like Notes)
|
||||
source = Column(String, nullable=True)
|
||||
|
||||
ap_published_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
visibility = Column(Enum(ap.VisibilityEnum), nullable=False)
|
||||
|
||||
likes_count = Column(Integer, nullable=False, default=0)
|
||||
announces_count = Column(Integer, nullable=False, default=0)
|
||||
replies_count = Column(Integer, nullable=False, default=0)
|
||||
|
||||
webmentions = Column(JSON, nullable=True)
|
||||
|
||||
og_meta: Mapped[list[dict[str, Any]] | None] = Column(JSON, nullable=True)
|
||||
|
||||
# Never actually delete from the outbox
|
||||
is_deleted = Column(Boolean, nullable=False, default=False)
|
||||
|
||||
# Used for Like, Announce and Undo activities
|
||||
relates_to_inbox_object_id = Column(
|
||||
Integer,
|
||||
ForeignKey("inbox.id"),
|
||||
nullable=True,
|
||||
)
|
||||
relates_to_inbox_object: Mapped[Optional["InboxObject"]] = relationship(
|
||||
"InboxObject",
|
||||
foreign_keys=[relates_to_inbox_object_id],
|
||||
uselist=False,
|
||||
)
|
||||
relates_to_outbox_object_id = Column(
|
||||
Integer,
|
||||
ForeignKey("outbox.id"),
|
||||
nullable=True,
|
||||
)
|
||||
relates_to_outbox_object: Mapped[Optional["OutboxObject"]] = relationship(
|
||||
"OutboxObject",
|
||||
foreign_keys=[relates_to_outbox_object_id],
|
||||
remote_side=id,
|
||||
uselist=False,
|
||||
)
|
||||
|
||||
undone_by_outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=True)
|
||||
|
||||
@property
|
||||
def actor(self) -> BaseActor:
|
||||
return LOCAL_ACTOR
|
||||
|
||||
|
||||
class Follower(Base):
|
||||
__tablename__ = "followers"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
|
||||
actor_id = Column(Integer, ForeignKey("actors.id"), nullable=False, unique=True)
|
||||
actor = relationship(Actor, uselist=False)
|
||||
|
||||
inbox_object_id = Column(Integer, ForeignKey("inbox.id"), nullable=False)
|
||||
inbox_object = relationship(InboxObject, uselist=False)
|
||||
|
||||
ap_actor_id = Column(String, nullable=False, unique=True)
|
||||
|
||||
|
||||
class Following(Base):
|
||||
__tablename__ = "following"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
updated_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
|
||||
actor_id = Column(Integer, ForeignKey("actors.id"), nullable=False, unique=True)
|
||||
actor = relationship(Actor, uselist=False)
|
||||
|
||||
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
|
||||
outbox_object = relationship(OutboxObject, uselist=False)
|
||||
|
||||
ap_actor_id = Column(String, nullable=False, unique=True)
|
||||
|
||||
|
||||
@enum.unique
|
||||
class NotificationType(str, enum.Enum):
|
||||
NEW_FOLLOWER = "new_follower"
|
||||
UNFOLLOW = "unfollow"
|
||||
LIKE = "like"
|
||||
UNDO_LIKE = "undo_like"
|
||||
ANNOUNCE = "announce"
|
||||
UNDO_ANNOUNCE = "undo_announce"
|
||||
|
||||
# TODO:
|
||||
MENTION = "mention"
|
||||
|
||||
|
||||
class Notification(Base):
|
||||
__tablename__ = "notifications"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
notification_type = Column(Enum(NotificationType), nullable=True)
|
||||
is_new = Column(Boolean, nullable=False, default=True)
|
||||
|
||||
actor_id = Column(Integer, ForeignKey("actors.id"), nullable=True)
|
||||
actor = relationship(Actor, uselist=False)
|
||||
|
||||
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=True)
|
||||
outbox_object = relationship(OutboxObject, uselist=False)
|
||||
|
||||
inbox_object_id = Column(Integer, ForeignKey("inbox.id"), nullable=True)
|
||||
inbox_object = relationship(InboxObject, uselist=False)
|
||||
|
||||
|
||||
class OutgoingActivity(Base):
|
||||
__tablename__ = "outgoing_activities"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
|
||||
recipient = Column(String, nullable=False)
|
||||
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
|
||||
outbox_object = relationship(OutboxObject, uselist=False)
|
||||
|
||||
tries = Column(Integer, nullable=False, default=0)
|
||||
next_try = Column(DateTime(timezone=True), nullable=True, default=now)
|
||||
|
||||
last_try = Column(DateTime(timezone=True), nullable=True)
|
||||
last_status_code = Column(Integer, nullable=True)
|
||||
last_response = Column(String, nullable=True)
|
||||
|
||||
is_sent = Column(Boolean, nullable=False, default=False)
|
||||
is_errored = Column(Boolean, nullable=False, default=False)
|
||||
error = Column(String, nullable=True)
|
||||
|
||||
|
||||
class TaggedOutboxObject(Base):
|
||||
__tablename__ = "tagged_outbox_objects"
|
||||
__table_args__ = (
|
||||
UniqueConstraint("outbox_object_id", "tag", name="uix_tagged_object"),
|
||||
)
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
|
||||
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
|
||||
outbox_object = relationship(OutboxObject, uselist=False)
|
||||
|
||||
tag = Column(String, nullable=False, index=True)
|
||||
|
||||
|
||||
"""
|
||||
class Upload(Base):
|
||||
__tablename__ = "upload"
|
||||
|
||||
filename = Column(String, nullable=False)
|
||||
filehash = Column(String, nullable=False)
|
||||
filesize = Column(Integer, nullable=False)
|
||||
|
||||
|
||||
class OutboxObjectAttachment(Base):
|
||||
__tablename__ = "outbox_object_attachment"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
|
||||
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
|
||||
outbox_object = relationship(OutboxObject, uselist=False)
|
||||
|
||||
upload_id = Column(Integer, ForeignKey("upload.id"))
|
||||
upload = relationship(Upload, uselist=False)
|
||||
"""
|
90
app/opengraph.py
Normal file
90
app/opengraph.py
Normal file
|
@ -0,0 +1,90 @@
|
|||
import mimetypes
|
||||
import re
|
||||
from urllib.parse import urlparse
|
||||
|
||||
import httpx
|
||||
from bs4 import BeautifulSoup # type: ignore
|
||||
from pydantic import BaseModel
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import config
|
||||
from app.urlutils import is_url_valid
|
||||
|
||||
|
||||
class OpenGraphMeta(BaseModel):
|
||||
url: str
|
||||
title: str
|
||||
image: str
|
||||
description: str
|
||||
site_name: str
|
||||
|
||||
|
||||
def _scrap_og_meta(html: str) -> OpenGraphMeta | None:
|
||||
soup = BeautifulSoup(html, "html5lib")
|
||||
ogs = {
|
||||
og.attrs["property"]: og.attrs.get("content")
|
||||
for og in soup.html.head.findAll(property=re.compile(r"^og"))
|
||||
}
|
||||
raw = {}
|
||||
for field in OpenGraphMeta.__fields__.keys():
|
||||
og_field = f"og:{field}"
|
||||
if not ogs.get(og_field):
|
||||
return None
|
||||
|
||||
raw[field] = ogs[og_field]
|
||||
|
||||
return OpenGraphMeta.parse_obj(raw)
|
||||
|
||||
|
||||
def _urls_from_note(note: ap.RawObject) -> set[str]:
|
||||
note_host = urlparse(ap.get_id(note["id"]) or "").netloc
|
||||
|
||||
urls = set()
|
||||
if "content" in note:
|
||||
soup = BeautifulSoup(note["content"], "html5lib")
|
||||
for link in soup.find_all("a"):
|
||||
h = link.get("href")
|
||||
ph = urlparse(h)
|
||||
mimetype, _ = mimetypes.guess_type(h)
|
||||
if (
|
||||
ph.scheme in {"http", "https"}
|
||||
and ph.netloc != note_host
|
||||
and is_url_valid(h)
|
||||
and (
|
||||
not mimetype
|
||||
or mimetype.split("/")[0] in ["image", "video", "audio"]
|
||||
)
|
||||
):
|
||||
urls.add(h)
|
||||
|
||||
return urls
|
||||
|
||||
|
||||
def _og_meta_from_url(url: str) -> OpenGraphMeta | None:
|
||||
resp = httpx.get(
|
||||
url,
|
||||
headers={
|
||||
"User-Agent": config.USER_AGENT,
|
||||
},
|
||||
follow_redirects=True,
|
||||
)
|
||||
resp.raise_for_status()
|
||||
|
||||
if not (ct := resp.headers.get("content-type")) or not ct.startswith("text/html"):
|
||||
return None
|
||||
|
||||
return _scrap_og_meta(resp.text)
|
||||
|
||||
|
||||
def og_meta_from_note(note: ap.RawObject) -> list[OpenGraphMeta]:
|
||||
og_meta = []
|
||||
urls = _urls_from_note(note)
|
||||
for url in urls:
|
||||
try:
|
||||
maybe_og_meta = _og_meta_from_url(url)
|
||||
if maybe_og_meta:
|
||||
og_meta.append(maybe_og_meta)
|
||||
except httpx.HTTPError:
|
||||
pass
|
||||
|
||||
return og_meta
|
138
app/process_outgoing_activities.py
Normal file
138
app/process_outgoing_activities.py
Normal file
|
@ -0,0 +1,138 @@
|
|||
import email
|
||||
import time
|
||||
import traceback
|
||||
from datetime import datetime
|
||||
from datetime import timedelta
|
||||
|
||||
import httpx
|
||||
from loguru import logger
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import models
|
||||
from app.database import SessionLocal
|
||||
from app.database import now
|
||||
|
||||
_MAX_RETRIES = 16
|
||||
|
||||
|
||||
def new_outgoing_activity(
|
||||
db: Session,
|
||||
recipient: str,
|
||||
outbox_object_id: int,
|
||||
) -> models.OutgoingActivity:
|
||||
outgoing_activity = models.OutgoingActivity(
|
||||
recipient=recipient,
|
||||
outbox_object_id=outbox_object_id,
|
||||
)
|
||||
|
||||
db.add(outgoing_activity)
|
||||
db.commit()
|
||||
db.refresh(outgoing_activity)
|
||||
return outgoing_activity
|
||||
|
||||
|
||||
def _parse_retry_after(retry_after: str) -> datetime | None:
|
||||
try:
|
||||
# Retry-After: 120
|
||||
seconds = int(retry_after)
|
||||
except ValueError:
|
||||
# Retry-After: Wed, 21 Oct 2015 07:28:00 GMT
|
||||
dt_tuple = email.utils.parsedate_tz(retry_after)
|
||||
if dt_tuple is None:
|
||||
return None
|
||||
|
||||
seconds = int(email.utils.mktime_tz(dt_tuple) - time.time())
|
||||
|
||||
return now() + timedelta(seconds=seconds)
|
||||
|
||||
|
||||
def _exp_backoff(tries: int) -> datetime:
|
||||
seconds = 2 * (2 ** (tries - 1))
|
||||
return now() + timedelta(seconds=seconds)
|
||||
|
||||
|
||||
def _set_next_try(
|
||||
outgoing_activity: models.OutgoingActivity,
|
||||
next_try: datetime | None = None,
|
||||
) -> None:
|
||||
if not outgoing_activity.tries:
|
||||
raise ValueError("Should never happen")
|
||||
|
||||
if outgoing_activity.tries == _MAX_RETRIES:
|
||||
outgoing_activity.is_errored = True
|
||||
outgoing_activity.next_try = None
|
||||
else:
|
||||
outgoing_activity.next_try = next_try or _exp_backoff(outgoing_activity.tries)
|
||||
|
||||
|
||||
def process_next_outgoing_activity(db: Session) -> bool:
|
||||
q = (
|
||||
db.query(models.OutgoingActivity)
|
||||
.filter(
|
||||
models.OutgoingActivity.next_try <= now(),
|
||||
models.OutgoingActivity.is_errored.is_(False),
|
||||
models.OutgoingActivity.is_sent.is_(False),
|
||||
)
|
||||
.order_by(models.OutgoingActivity.next_try)
|
||||
)
|
||||
q_count = q.count()
|
||||
logger.info(f"{q_count} outgoing activities ready to process")
|
||||
if not q_count:
|
||||
logger.info("No activities to process")
|
||||
return False
|
||||
|
||||
next_activity = q.limit(1).one()
|
||||
|
||||
next_activity.tries = next_activity.tries + 1
|
||||
next_activity.last_try = now()
|
||||
|
||||
payload = ap.wrap_object_if_needed(next_activity.outbox_object.ap_object)
|
||||
logger.info(f"{payload=}")
|
||||
try:
|
||||
resp = ap.post(next_activity.recipient, payload)
|
||||
except httpx.HTTPStatusError as http_error:
|
||||
logger.exception("Failed")
|
||||
next_activity.last_status_code = http_error.response.status_code
|
||||
next_activity.last_response = http_error.response.text
|
||||
next_activity.error = traceback.format_exc()
|
||||
|
||||
if http_error.response.status_code in [429, 503]:
|
||||
retry_after: datetime | None = None
|
||||
if retry_after_value := http_error.response.headers.get("Retry-After"):
|
||||
retry_after = _parse_retry_after(retry_after_value)
|
||||
_set_next_try(next_activity, retry_after)
|
||||
elif 400 <= http_error.response.status_code < 500:
|
||||
logger.info(f"status_code={http_error.response.status_code} not retrying")
|
||||
next_activity.is_errored = True
|
||||
next_activity.next_try = None
|
||||
else:
|
||||
_set_next_try(next_activity)
|
||||
except Exception:
|
||||
logger.exception("Failed")
|
||||
next_activity.error = traceback.format_exc()
|
||||
_set_next_try(next_activity)
|
||||
else:
|
||||
logger.info("Success")
|
||||
next_activity.is_sent = True
|
||||
next_activity.last_status_code = resp.status_code
|
||||
next_activity.last_response = resp.text
|
||||
|
||||
db.commit()
|
||||
return True
|
||||
|
||||
|
||||
def loop() -> None:
|
||||
db = SessionLocal()
|
||||
while 1:
|
||||
try:
|
||||
process_next_outgoing_activity(db)
|
||||
except Exception:
|
||||
logger.exception("Failed to process next outgoing activity")
|
||||
raise
|
||||
|
||||
time.sleep(1)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
loop()
|
81
app/source.py
Normal file
81
app/source.py
Normal file
|
@ -0,0 +1,81 @@
|
|||
import re
|
||||
|
||||
from markdown import markdown
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from app import models
|
||||
from app import webfinger
|
||||
from app.actor import fetch_actor
|
||||
from app.config import BASE_URL
|
||||
|
||||
|
||||
def _set_a_attrs(attrs, new=False):
|
||||
attrs[(None, "target")] = "_blank"
|
||||
attrs[(None, "class")] = "external"
|
||||
attrs[(None, "rel")] = "noopener"
|
||||
attrs[(None, "title")] = attrs[(None, "href")]
|
||||
return attrs
|
||||
|
||||
|
||||
_HASHTAG_REGEX = re.compile(r"(#[\d\w]+)")
|
||||
_MENTION_REGEX = re.compile(r"@[\d\w_.+-]+@[\d\w-]+\.[\d\w\-.]+")
|
||||
|
||||
|
||||
def _hashtagify(db: Session, content: str) -> tuple[str, list[dict[str, str]]]:
|
||||
tags = []
|
||||
hashtags = re.findall(_HASHTAG_REGEX, content)
|
||||
hashtags = sorted(set(hashtags), reverse=True) # unique tags, longest first
|
||||
for hashtag in hashtags:
|
||||
tag = hashtag[1:]
|
||||
link = f'<a href="{BASE_URL}/t/{tag}" class="mention hashtag" rel="tag">#<span>{tag}</span></a>' # noqa: E501
|
||||
tags.append(dict(href=f"{BASE_URL}/t/{tag}", name=hashtag, type="Hashtag"))
|
||||
content = content.replace(hashtag, link)
|
||||
return content, tags
|
||||
|
||||
|
||||
def _mentionify(
|
||||
db: Session, content: str, hide_domain: bool = False
|
||||
) -> tuple[str, list[dict[str, str]]]:
|
||||
tags = []
|
||||
for mention in re.findall(_MENTION_REGEX, content):
|
||||
_, username, domain = mention.split("@")
|
||||
actor = (
|
||||
db.query(models.Actor).filter(models.Actor.handle == mention).one_or_none()
|
||||
)
|
||||
if not actor:
|
||||
actor_url = webfinger.get_actor_url(mention)
|
||||
if not actor_url:
|
||||
# FIXME(ts): raise an error?
|
||||
continue
|
||||
actor = fetch_actor(db, actor_url)
|
||||
|
||||
tags.append(dict(type="Mention", href=actor.url, name=mention))
|
||||
|
||||
d = f"@{domain}"
|
||||
if hide_domain:
|
||||
d = ""
|
||||
|
||||
link = f'<span class="h-card"><a href="{actor.url}" class="u-url mention">@<span>{username}</span>{d}</a></span>' # noqa: E501
|
||||
content = content.replace(mention, link)
|
||||
return content, tags
|
||||
|
||||
|
||||
def markdownify(
|
||||
db: Session,
|
||||
content: str,
|
||||
mentionify: bool = True,
|
||||
hashtagify: bool = True,
|
||||
) -> tuple[str, list[dict[str, str]]]:
|
||||
"""
|
||||
>>> content, tags = markdownify("Hello")
|
||||
|
||||
"""
|
||||
tags = []
|
||||
if hashtagify:
|
||||
content, hashtag_tags = _hashtagify(db, content)
|
||||
tags.extend(hashtag_tags)
|
||||
if mentionify:
|
||||
content, mention_tags = _mentionify(db, content)
|
||||
tags.extend(mention_tags)
|
||||
content = markdown(content, extensions=["mdx_linkify"])
|
||||
return content, tags
|
1
app/static/css/.gitignore
vendored
Normal file
1
app/static/css/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
*.css
|
BIN
app/static/nopic.png
Normal file
BIN
app/static/nopic.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 1.7 KiB |
190
app/templates.py
Normal file
190
app/templates.py
Normal file
|
@ -0,0 +1,190 @@
|
|||
import base64
|
||||
from datetime import datetime
|
||||
from datetime import timezone
|
||||
from functools import lru_cache
|
||||
from typing import Any
|
||||
from urllib.parse import urlparse
|
||||
|
||||
import bleach
|
||||
import timeago # type: ignore
|
||||
from bs4 import BeautifulSoup # type: ignore
|
||||
from fastapi import Request
|
||||
from fastapi.templating import Jinja2Templates
|
||||
from sqlalchemy.orm import Session
|
||||
from starlette.templating import _TemplateResponse as TemplateResponse
|
||||
|
||||
from app import models
|
||||
from app.actor import LOCAL_ACTOR
|
||||
from app.ap_object import Attachment
|
||||
from app.boxes import public_outbox_objects_count
|
||||
from app.config import DEBUG
|
||||
from app.config import DOMAIN
|
||||
from app.config import VERSION
|
||||
from app.config import generate_csrf_token
|
||||
from app.config import session_serializer
|
||||
from app.database import now
|
||||
from app.highlight import HIGHLIGHT_CSS
|
||||
from app.highlight import highlight
|
||||
|
||||
_templates = Jinja2Templates(directory="app/templates")
|
||||
|
||||
|
||||
def _filter_domain(text: str) -> str:
|
||||
hostname = urlparse(text).hostname
|
||||
if not hostname:
|
||||
raise ValueError(f"No hostname for {text}")
|
||||
return hostname
|
||||
|
||||
|
||||
def _media_proxy_url(url: str | None) -> str:
|
||||
if not url:
|
||||
return "/static/nopic.png"
|
||||
|
||||
if url.startswith(DOMAIN):
|
||||
return url
|
||||
|
||||
encoded_url = base64.urlsafe_b64encode(url.encode()).decode()
|
||||
return f"/proxy/media/{encoded_url}"
|
||||
|
||||
|
||||
def is_current_user_admin(request: Request) -> bool:
|
||||
is_admin = False
|
||||
session_cookie = request.cookies.get("session")
|
||||
if session_cookie:
|
||||
try:
|
||||
loaded_session = session_serializer.loads(
|
||||
session_cookie,
|
||||
max_age=3600 * 12,
|
||||
)
|
||||
except Exception:
|
||||
pass
|
||||
else:
|
||||
is_admin = loaded_session.get("is_logged_in")
|
||||
|
||||
return is_admin
|
||||
|
||||
|
||||
def render_template(
|
||||
db: Session,
|
||||
request: Request,
|
||||
template: str,
|
||||
template_args: dict[str, Any] = {},
|
||||
) -> TemplateResponse:
|
||||
is_admin = False
|
||||
is_admin = is_current_user_admin(request)
|
||||
|
||||
return _templates.TemplateResponse(
|
||||
template,
|
||||
{
|
||||
"request": request,
|
||||
"debug": DEBUG,
|
||||
"microblogpub_version": VERSION,
|
||||
"is_admin": is_admin,
|
||||
"csrf_token": generate_csrf_token() if is_admin else None,
|
||||
"highlight_css": HIGHLIGHT_CSS,
|
||||
"notifications_count": db.query(models.Notification)
|
||||
.filter(models.Notification.is_new.is_(True))
|
||||
.count()
|
||||
if is_admin
|
||||
else 0,
|
||||
"local_actor": LOCAL_ACTOR,
|
||||
"followers_count": db.query(models.Follower).count(),
|
||||
"following_count": db.query(models.Following).count(),
|
||||
"objects_count": public_outbox_objects_count(db),
|
||||
**template_args,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
# HTML/templates helper
|
||||
ALLOWED_TAGS = [
|
||||
"a",
|
||||
"abbr",
|
||||
"acronym",
|
||||
"b",
|
||||
"br",
|
||||
"blockquote",
|
||||
"code",
|
||||
"pre",
|
||||
"em",
|
||||
"i",
|
||||
"li",
|
||||
"ol",
|
||||
"strong",
|
||||
"sup",
|
||||
"sub",
|
||||
"del",
|
||||
"ul",
|
||||
"span",
|
||||
"div",
|
||||
"p",
|
||||
"h1",
|
||||
"h2",
|
||||
"h3",
|
||||
"h4",
|
||||
"h5",
|
||||
"h6",
|
||||
"table",
|
||||
"th",
|
||||
"tr",
|
||||
"td",
|
||||
"thead",
|
||||
"tbody",
|
||||
"tfoot",
|
||||
"colgroup",
|
||||
"caption",
|
||||
"img",
|
||||
]
|
||||
|
||||
ALLOWED_ATTRIBUTES = {
|
||||
"a": ["href", "title"],
|
||||
"abbr": ["title"],
|
||||
"acronym": ["title"],
|
||||
"img": ["src", "alt", "title"],
|
||||
}
|
||||
|
||||
|
||||
@lru_cache(maxsize=256)
|
||||
def _update_inline_imgs(content):
|
||||
soup = BeautifulSoup(content, "html5lib")
|
||||
imgs = soup.find_all("img")
|
||||
if not imgs:
|
||||
return content
|
||||
|
||||
for img in imgs:
|
||||
if not img.attrs.get("src"):
|
||||
continue
|
||||
|
||||
img.attrs["src"] = _media_proxy_url(img.attrs["src"])
|
||||
|
||||
return soup.find("body").decode_contents()
|
||||
|
||||
|
||||
def _clean_html(html: str) -> str:
|
||||
try:
|
||||
return bleach.clean(
|
||||
_update_inline_imgs(highlight(html)),
|
||||
tags=ALLOWED_TAGS,
|
||||
attributes=ALLOWED_ATTRIBUTES,
|
||||
strip=True,
|
||||
)
|
||||
except Exception:
|
||||
raise
|
||||
|
||||
|
||||
def _timeago(original_dt: datetime) -> str:
|
||||
dt = original_dt
|
||||
if dt.tzinfo:
|
||||
dt = dt.astimezone(timezone.utc).replace(tzinfo=None)
|
||||
return timeago.format(dt, now().replace(tzinfo=None))
|
||||
|
||||
|
||||
def _has_media_type(attachment: Attachment, media_type_prefix: str) -> bool:
|
||||
return attachment.media_type.startswith(media_type_prefix)
|
||||
|
||||
|
||||
_templates.env.filters["domain"] = _filter_domain
|
||||
_templates.env.filters["media_proxy_url"] = _media_proxy_url
|
||||
_templates.env.filters["clean_html"] = _clean_html
|
||||
_templates.env.filters["timeago"] = _timeago
|
||||
_templates.env.filters["has_media_type"] = _has_media_type
|
13
app/templates/admin_new.html
Normal file
13
app/templates/admin_new.html
Normal file
|
@ -0,0 +1,13 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
|
||||
<form action="{{ request.url_for("admin_actions_new") }}" enctype="multipart/form-data" method="POST">
|
||||
{{ utils.embed_csrf_token() }}
|
||||
{{ utils.embed_redirect_url() }}
|
||||
<textarea name="content" rows="10" cols="50" autofocus="autofocus" designMode="on" style="font-size:1.2em;width:95%;"></textarea>
|
||||
<input name="files" type="file" multiple>
|
||||
<input type="submit" value="Publish">
|
||||
</form>
|
||||
|
||||
{% endblock %}
|
25
app/templates/admin_stream.html
Normal file
25
app/templates/admin_stream.html
Normal file
|
@ -0,0 +1,25 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
|
||||
{% for inbox_object in stream %}
|
||||
{% if inbox_object.ap_type == "Announce" %}
|
||||
{% if inbox_object.relates_to_inbox_object_id %}
|
||||
{{ utils.display_object(inbox_object.relates_to_inbox_object) }}
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% else %}
|
||||
{{ utils.display_object(inbox_object) }}
|
||||
{% if inbox_object.liked_via_outbox_object_ap_id %}
|
||||
{{ utils.admin_undo_button(inbox_object.liked_via_outbox_object_ap_id, "Unlike") }}
|
||||
{% else %}
|
||||
{{ utils.admin_like_button(inbox_object.ap_id) }}
|
||||
{% endif %}
|
||||
|
||||
{{ utils.admin_announce_button(inbox_object.ap_id) }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
{% endblock %}
|
12
app/templates/followers.html
Normal file
12
app/templates/followers.html
Normal file
|
@ -0,0 +1,12 @@
|
|||
{%- import "utils.html" as utils -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
{% include "header.html" %}
|
||||
<div id="followers">
|
||||
<ul>
|
||||
{% for follower in followers %}
|
||||
<li>{{ utils.display_actor(follower.actor, actors_metadata) }}</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</div>
|
||||
{% endblock %}
|
12
app/templates/following.html
Normal file
12
app/templates/following.html
Normal file
|
@ -0,0 +1,12 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
{% include "header.html" %}
|
||||
<div id="following">
|
||||
<ul>
|
||||
{% for follow in following %}
|
||||
<li>{{ utils.display_actor(follow.actor, actors_metadata) }}</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</div>
|
||||
{% endblock %}
|
31
app/templates/header.html
Normal file
31
app/templates/header.html
Normal file
|
@ -0,0 +1,31 @@
|
|||
<header id="header">
|
||||
|
||||
<div class="h-card p-author">
|
||||
<data class="u-photo" value="{{ local_actor.icon_url }}"></data>
|
||||
<a href="{{ local_actor.url }}" class="u-url u-uid no-hover title">
|
||||
<span style="font-size:1.1em;">{{ local_actor.name }}</span>
|
||||
<span style="font-size:0.85em;" class="subtitle-username">{{ local_actor.handle }}</span>
|
||||
</a>
|
||||
|
||||
<div class="p-note summary">
|
||||
{{ local_actor.summary | safe }}
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
{%- macro header_link(url, text) -%}
|
||||
{% set url_for = request.url_for(url) %}
|
||||
<a href="{{ url_for }}" {% if request.url == url_for %}class="active"{% endif %}>{{ text }}</a>
|
||||
{% endmacro %}
|
||||
|
||||
<div style="margin:30px 0;">
|
||||
<nav class="flexbox">
|
||||
<ul>
|
||||
<li>{{ header_link("index", "Notes") }} <span>{{ objects_count }}</span></li>
|
||||
<li>{{ header_link("followers", "Followers") }} <span>{{ followers_count }}</span></li>
|
||||
<li>{{ header_link("following", "Following") }} <span>{{ following_count }}</span></li>
|
||||
</ul>
|
||||
</nav>
|
||||
|
||||
|
||||
</header>
|
14
app/templates/index.html
Normal file
14
app/templates/index.html
Normal file
|
@ -0,0 +1,14 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
{% include "header.html" %}
|
||||
|
||||
{% for outbox_object in objects %}
|
||||
{{ outbox_object.likes_count }}
|
||||
{{ outbox_object.announces_count }}
|
||||
{{ utils.display_object(outbox_object) }}
|
||||
{% endfor %}
|
||||
|
||||
|
||||
|
||||
{% endblock %}
|
46
app/templates/layout.html
Normal file
46
app/templates/layout.html
Normal file
|
@ -0,0 +1,46 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="x-ua-compatible" content="ie=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
|
||||
<link rel="stylesheet" href="/static/css/main.css">
|
||||
<style>
|
||||
{{ highlight_css }}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div id="main">
|
||||
<main>
|
||||
{% if is_admin %}
|
||||
<div id="admin">
|
||||
{% macro admin_link(url, text) %}
|
||||
{% set url_for = request.url_for(url) %}
|
||||
<a href="{{ url_for }}" {% if request.url == url_for %}class="active"{% endif %}>{{ text }}</a>
|
||||
{% endmacro %}
|
||||
<div style="margin-bottom:30px;">
|
||||
<nav class="flexbox">
|
||||
<ul>
|
||||
<li>Admin</li>
|
||||
<li>{{ admin_link("index", "Public") }}</li>
|
||||
<li>{{ admin_link("admin_new", "New") }}</li>
|
||||
<li>{{ admin_link("stream", "Stream") }}</li>
|
||||
<li>{{ admin_link("get_notifications", "Notifications") }} {% if notifications_count %}({{ notifications_count }}){% endif %}</li>
|
||||
<li>{{ admin_link("get_lookup", "Lookup") }}</li>
|
||||
<li><a href="">Bookmarks</a></li>
|
||||
<li><a href="{{ request.url_for("logout")}}">Logout</a></li>
|
||||
</ul>
|
||||
</nav>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
{% endif %}
|
||||
{% block content %}{% endblock %}
|
||||
</main>
|
||||
</div>
|
||||
|
||||
<footer class="footer">
|
||||
Powered by <a href="https://microblog.pub">microblog.pub</a> <small class="microblogpub-version"><code>{{ microblogpub_version }}</code></small> (<a href="https://github.com/tsileo/microblog.pub">source code</a>) and the <a href="https://activitypub.rocks/">ActivityPub</a> protocol
|
||||
</footer>
|
||||
</body>
|
||||
</html>
|
13
app/templates/login.html
Normal file
13
app/templates/login.html
Normal file
|
@ -0,0 +1,13 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
<div style="display:grid;height:80%;">
|
||||
<div style="margin:auto;">
|
||||
<form action="/admin/login" method="POST">
|
||||
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
||||
<input type="password" name="password">
|
||||
<input type="submit" value="Login">
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
14
app/templates/lookup.html
Normal file
14
app/templates/lookup.html
Normal file
|
@ -0,0 +1,14 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
<form action="{{ url_for("get_lookup") }}" method="GET">
|
||||
<input type="text" name="query" value="{{ query if query else "" }}">
|
||||
<input type="submit" value="Lookup">
|
||||
</form>
|
||||
{{ actors_metadata }}
|
||||
{% if ap_object and ap_object.ap_type == "Person" %}
|
||||
{{ utils.display_actor(ap_object, actors_metadata) }}
|
||||
{% elif ap_object %}
|
||||
{{ utils.display_object(ap_object) }}
|
||||
{% endif %}
|
||||
{% endblock %}
|
45
app/templates/notifications.html
Normal file
45
app/templates/notifications.html
Normal file
|
@ -0,0 +1,45 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
<h2>Notifications</h2>
|
||||
<div id="notifications">
|
||||
{%- for notif in notifications %}
|
||||
<div>
|
||||
{%- if notif.notification_type.value == "new_follower" %}
|
||||
<div title="{{ notif.created_at.isoformat() }}">
|
||||
<a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> followed you
|
||||
</div>
|
||||
{{ utils.display_actor(notif.actor, actors_metadata) }}
|
||||
{% elif notif.notification_type.value == "unfollow" %}
|
||||
<div title="{{ notif.created_at.isoformat() }}">
|
||||
<a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> unfollowed you
|
||||
</div>
|
||||
{{ utils.display_actor(notif.actor, actors_metadata) }}
|
||||
{% elif notif.notification_type.value == "like" %}
|
||||
<div title="{{ notif.created_at.isoformat() }}">
|
||||
<a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> liked a post
|
||||
</div>
|
||||
{{ utils.display_object(notif.outbox_object) }}
|
||||
{% elif notif.notification_type.value == "undo_like" %}
|
||||
<div title="{{ notif.created_at.isoformat() }}">
|
||||
<a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> un-liked a post
|
||||
</div>
|
||||
{{ utils.display_object(notif.outbox_object) }}
|
||||
{% elif notif.notification_type.value == "announce" %}
|
||||
<div title="{{ notif.created_at.isoformat() }}">
|
||||
<a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> boosted a post
|
||||
</div>
|
||||
{{ utils.display_object(notif.outbox_object) }}
|
||||
{% elif notif.notification_type.value == "undo_announce" %}
|
||||
<div title="{{ notif.created_at.isoformat() }}">
|
||||
<a style="font-weight:bold;" href="{{ notif.actor.url }}">{{ notif.actor.name or notif.actor.preferred_username }}</a> un-boosted a post
|
||||
</div>
|
||||
{{ utils.display_object(notif.outbox_object) }}
|
||||
|
||||
{% else %}
|
||||
{{ notif }}
|
||||
{%- endif %}
|
||||
</div>
|
||||
{%- endfor %}
|
||||
</div>
|
||||
{% endblock %}
|
8
app/templates/object.html
Normal file
8
app/templates/object.html
Normal file
|
@ -0,0 +1,8 @@
|
|||
{%- import "utils.html" as utils with context -%}
|
||||
{% extends "layout.html" %}
|
||||
{% block content %}
|
||||
{% include "header.html" %}
|
||||
|
||||
{{ utils.display_object(outbox_object) }}
|
||||
|
||||
{% endblock %}
|
143
app/templates/utils.html
Normal file
143
app/templates/utils.html
Normal file
|
@ -0,0 +1,143 @@
|
|||
{% macro embed_csrf_token() %}
|
||||
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
||||
{% endmacro %}
|
||||
|
||||
{% macro embed_redirect_url() %}
|
||||
<input type="hidden" name="redirect_url" value="{{ request.url }}">
|
||||
{% endmacro %}
|
||||
|
||||
{% macro admin_follow_button(actor) %}
|
||||
<form action="{{ request.url_for("admin_actions_follow") }}" method="POST">
|
||||
{{ embed_csrf_token() }}
|
||||
{{ embed_redirect_url() }}
|
||||
<input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
|
||||
<input type="submit" value="Follow">
|
||||
</form>
|
||||
{% endmacro %}
|
||||
|
||||
{% macro admin_like_button(ap_object_id) %}
|
||||
<form action="{{ request.url_for("admin_actions_like") }}" method="POST">
|
||||
{{ embed_csrf_token() }}
|
||||
{{ embed_redirect_url() }}
|
||||
<input type="hidden" name="ap_object_id" value="{{ ap_object_id }}">
|
||||
<input type="submit" value="Like">
|
||||
</form>
|
||||
{% endmacro %}
|
||||
|
||||
{% macro admin_announce_button(ap_object_id) %}
|
||||
<form action="{{ request.url_for("admin_actions_announce") }}" method="POST">
|
||||
{{ embed_csrf_token() }}
|
||||
{{ embed_redirect_url() }}
|
||||
<input type="hidden" name="ap_object_id" value="{{ ap_object_id }}">
|
||||
<input type="submit" value="Announce">
|
||||
</form>
|
||||
{% endmacro %}
|
||||
|
||||
{% macro admin_undo_button(ap_object_id, action="Undo") %}
|
||||
<form action="{{ request.url_for("admin_actions_undo") }}" method="POST">
|
||||
{{ embed_csrf_token() }}
|
||||
{{ embed_redirect_url() }}
|
||||
<input type="hidden" name="ap_object_id" value="{{ ap_object_id }}">
|
||||
<input type="submit" value="{{ action }}">
|
||||
</form>
|
||||
{% endmacro %}
|
||||
|
||||
{% macro sensitive_button(permalink_id) %}
|
||||
<form action="" method="GET">
|
||||
<input type="hidden" name="show_sensitive" value="{{ permalink_id }}">
|
||||
{% for k, v in request.query_params.items() %}
|
||||
<input type="hidden" name="{{k}}" value="{{v}}">
|
||||
{% endfor %}
|
||||
<button type="submit">display sensitive content</button>
|
||||
</form>
|
||||
{% endmacro %}
|
||||
|
||||
{% macro display_actor(actor, actors_metadata) %}
|
||||
{{ actors_metadata }}
|
||||
{% set metadata = actors_metadata.get(actor.ap_id) %}
|
||||
<div style="display: flex;column-gap: 20px;margin:20px 0 10px 0;" class="actor-box">
|
||||
<div style="flex: 0 0 48px;">
|
||||
<img src="{{ actor.icon_url | media_proxy_url }}" style="max-width:45px;">
|
||||
</div>
|
||||
<a href="{{ actor.url }}" style="">
|
||||
<div><strong>{{ actor.name or actor.preferred_username }}</strong></div>
|
||||
<div>{{ actor.handle }}</div>
|
||||
</a>
|
||||
</div>
|
||||
{% if metadata %}
|
||||
<div>
|
||||
<nav class="flexbox">
|
||||
<ul>
|
||||
<li>
|
||||
{% if metadata.is_following %}already following {{ admin_undo_button(metadata.outbox_follow_ap_id, "Unfollow")}}
|
||||
{% elif metadata.is_follow_request_sent %}follow request sent
|
||||
{% else %}
|
||||
{{ admin_follow_button(actor) }}
|
||||
{% endif %}
|
||||
</li>
|
||||
<li>
|
||||
{% if metadata.is_follower %}follows you{% else %}
|
||||
{% endif %}
|
||||
</li>
|
||||
</ul>
|
||||
</nav>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
{% endmacro %}
|
||||
|
||||
{% macro display_object(object) %}
|
||||
{% if object.ap_type in ["Note", "Article", "Video"] %}
|
||||
<div class="activity-wrap" id="{{ object.permalink_id }}">
|
||||
<div class="activity-content">
|
||||
<img src="{% if object.actor.icon_url %}{{ object.actor.icon_url | media_proxy_url }}{% else %}/static/nopic.png{% endif %}" alt="" class="actor-icon">
|
||||
<div class="activity-header">
|
||||
<strong>{{ object.actor.name or object.actor.preferred_username }}</strong>
|
||||
<span>{{ object.actor.handle }}</span>
|
||||
<span class="activity-date" title="{{ object.ap_published_at.isoformat() }}">
|
||||
<a href="{{ object.url }}">{{ object.ap_published_at | timeago }}</a>
|
||||
</span>
|
||||
<div class="activity-main">
|
||||
{{ object.content | clean_html | safe }}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% if object.attachments and object.sensitive and not request.query_params["show_sensitive"] == object.permalink_id %}
|
||||
<div class="activity-attachment">
|
||||
{{ sensitive_button(object.permalink_id )}}
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if object.attachments and (not object.sensitive or (object.sensitive and request.query_params["show_sensitive"] == object.permalink_id)) %}
|
||||
<div class="activity-attachment">
|
||||
{% for attachment in object.attachments %}
|
||||
{% if attachment.type == "Image" or (attachment | has_media_type("image")) %}
|
||||
<img src="{{ attachment.url | media_proxy_url }}"{% if attachment.name %} alt="{{ attachment.name }}"{% endif %} class="attachment">
|
||||
{% elif attachment.type == "Video" or (attachment | has_media_type("video")) %}
|
||||
<video controls preload="metadata" src="{{ attachment.url | media_proxy_url }}"{% if attachment.name %} title="{{ attachment.name }}"{% endif %} class="attachmeent"></video>
|
||||
{% elif attachment.type == "Audio" or (attachment | has_media_type("audio")) %}
|
||||
<audio controls preload="metadata" src="{{ attachment.url | media_proxy_url }}"{% if attachment.name%} title="{{ attachment.name }}"{% endif %} style="width:480px;" class="attachment"></audio>
|
||||
{% else %}
|
||||
<a href="{{ attachment.url | media_proxy_url }}"{% if attachment.name %} title="{{ attachment.name }}"{% endif %} class="attachment">{{ attachment.url }}</a>
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
</div>
|
||||
{% endif %}
|
||||
<div class="activity-bar">
|
||||
<div class="bar-item">
|
||||
<div class="comment-count">33</div>
|
||||
</div>
|
||||
|
||||
<div class="bar-item">
|
||||
<div class="retweet-count">397</div>
|
||||
</div>
|
||||
|
||||
<div class="bar-item">
|
||||
<div class="likes-count">
|
||||
2.6k
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% endmacro %}
|
61
app/urlutils.py
Normal file
61
app/urlutils.py
Normal file
|
@ -0,0 +1,61 @@
|
|||
import functools
|
||||
import ipaddress
|
||||
import socket
|
||||
from urllib.parse import urlparse
|
||||
|
||||
from loguru import logger
|
||||
|
||||
from app.config import DEBUG
|
||||
|
||||
|
||||
class InvalidURLError(Exception):
|
||||
pass
|
||||
|
||||
|
||||
@functools.lru_cache
|
||||
def _getaddrinfo(hostname: str, port: int) -> str:
|
||||
try:
|
||||
ip_address = str(ipaddress.ip_address(hostname))
|
||||
except ValueError:
|
||||
try:
|
||||
ip_address = socket.getaddrinfo(hostname, port)[0][4][0]
|
||||
logger.debug(f"DNS lookup: {hostname} -> {ip_address}")
|
||||
except socket.gaierror:
|
||||
logger.exception(f"failed to lookup addr info for {hostname}")
|
||||
raise
|
||||
|
||||
return ip_address
|
||||
|
||||
|
||||
def is_url_valid(url: str) -> bool:
|
||||
"""Implements basic SSRF protection."""
|
||||
parsed = urlparse(url)
|
||||
if parsed.scheme not in ["http", "https"]:
|
||||
return False
|
||||
|
||||
# XXX in debug mode, we want to allow requests to localhost to test the
|
||||
# federation with local instances
|
||||
if DEBUG: # pragma: no cover
|
||||
return True
|
||||
|
||||
if not parsed.hostname or parsed.hostname.lower() in ["localhost"]:
|
||||
return False
|
||||
|
||||
ip_address = _getaddrinfo(
|
||||
parsed.hostname, parsed.port or (80 if parsed.scheme == "http" else 443)
|
||||
)
|
||||
logger.debug(f"{ip_address=}")
|
||||
|
||||
if ipaddress.ip_address(ip_address).is_private:
|
||||
logger.info(f"rejecting private URL {url} -> {ip_address}")
|
||||
return False
|
||||
|
||||
return True
|
||||
|
||||
|
||||
def check_url(url: str, debug: bool = False) -> None:
|
||||
logger.debug(f"check_url {url=}")
|
||||
if not is_url_valid(url):
|
||||
raise InvalidURLError(f'"{url}" is invalid')
|
||||
|
||||
return None
|
79
app/webfinger.py
Normal file
79
app/webfinger.py
Normal file
|
@ -0,0 +1,79 @@
|
|||
from typing import Any
|
||||
from urllib.parse import urlparse
|
||||
|
||||
import httpx
|
||||
from loguru import logger
|
||||
|
||||
from app import activitypub as ap
|
||||
|
||||
|
||||
def webfinger(
|
||||
resource: str,
|
||||
) -> dict[str, Any] | None: # noqa: C901
|
||||
"""Mastodon-like WebFinger resolution to retrieve the activity stream Actor URL."""
|
||||
logger.info(f"performing webfinger resolution for {resource}")
|
||||
protos = ["https", "http"]
|
||||
if resource.startswith("http://"):
|
||||
protos.reverse()
|
||||
host = urlparse(resource).netloc
|
||||
elif resource.startswith("https://"):
|
||||
host = urlparse(resource).netloc
|
||||
else:
|
||||
if resource.startswith("acct:"):
|
||||
resource = resource[5:]
|
||||
if resource.startswith("@"):
|
||||
resource = resource[1:]
|
||||
_, host = resource.split("@", 1)
|
||||
resource = "acct:" + resource
|
||||
|
||||
is_404 = False
|
||||
|
||||
for i, proto in enumerate(protos):
|
||||
try:
|
||||
url = f"{proto}://{host}/.well-known/webfinger"
|
||||
resp = ap.get(url, params={"resource": resource})
|
||||
break
|
||||
except httpx.HTTPStatusError as http_error:
|
||||
logger.exception("HTTP error")
|
||||
if http_error.response.status_code in [403, 404, 410]:
|
||||
is_404 = True
|
||||
continue
|
||||
raise
|
||||
except httpx.HTTPError:
|
||||
logger.exception("req failed")
|
||||
# If we tried https first and the domain is "http only"
|
||||
if i == 0:
|
||||
continue
|
||||
break
|
||||
if is_404:
|
||||
return None
|
||||
|
||||
return resp
|
||||
|
||||
|
||||
def get_remote_follow_template(resource: str) -> str | None:
|
||||
data = webfinger(resource)
|
||||
if data is None:
|
||||
return None
|
||||
for link in data["links"]:
|
||||
if link.get("rel") == "http://ostatus.org/schema/1.0/subscribe":
|
||||
return link.get("template")
|
||||
return None
|
||||
|
||||
|
||||
def get_actor_url(resource: str) -> str | None:
|
||||
"""Mastodon-like WebFinger resolution to retrieve the activity stream Actor URL.
|
||||
|
||||
Returns:
|
||||
the Actor URL or None if the resolution failed.
|
||||
"""
|
||||
data = webfinger(resource)
|
||||
if data is None:
|
||||
return None
|
||||
for link in data["links"]:
|
||||
if (
|
||||
link.get("rel") == "self"
|
||||
and link.get("type") == "application/activity+json"
|
||||
):
|
||||
return link.get("href")
|
||||
return None
|
8
boussole.json
Normal file
8
boussole.json
Normal file
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
"SOURCES_PATH": "scss",
|
||||
"TARGET_PATH": "app/static/css",
|
||||
"LIBRARY_PATHS": [],
|
||||
"OUTPUT_STYLES": "nested",
|
||||
"SOURCE_COMMENTS": false,
|
||||
"EXCLUDES": []
|
||||
}
|
3
data/.gitignore
vendored
Normal file
3
data/.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
*
|
||||
!uploads/
|
||||
!.gitignore
|
2
data/uploads/.gitignore
vendored
Normal file
2
data/uploads/.gitignore
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
*
|
||||
!.gitignore
|
1697
poetry.lock
generated
Normal file
1697
poetry.lock
generated
Normal file
File diff suppressed because it is too large
Load diff
68
pyproject.toml
Normal file
68
pyproject.toml
Normal file
|
@ -0,0 +1,68 @@
|
|||
[tool.poetry]
|
||||
name = "microblogpub"
|
||||
version = "2.0.0"
|
||||
description = ""
|
||||
authors = ["Thomas Sileo <t@a4.io>"]
|
||||
license = "AGPL-3.0"
|
||||
|
||||
[tool.poetry.dependencies]
|
||||
python = "^3.10"
|
||||
Jinja2 = "^3.1.2"
|
||||
fastapi = "^0.78.0"
|
||||
uvicorn = "^0.17.6"
|
||||
pycryptodome = "^3.14.1"
|
||||
bcrypt = "^3.2.2"
|
||||
itsdangerous = "^2.1.2"
|
||||
python-multipart = "^0.0.5"
|
||||
tomli = "^2.0.1"
|
||||
httpx = "^0.23.0"
|
||||
timeago = "^1.0.15"
|
||||
SQLAlchemy = {extras = ["mypy"], version = "^1.4.37"}
|
||||
alembic = "^1.8.0"
|
||||
bleach = "^5.0.0"
|
||||
requests = "^2.27.1"
|
||||
Markdown = "^3.3.7"
|
||||
prompt-toolkit = "^3.0.29"
|
||||
tomli-w = "^1.0.0"
|
||||
python-dateutil = "^2.8.2"
|
||||
bs4 = "^0.0.1"
|
||||
html5lib = "^1.1"
|
||||
mf2py = "^1.1.2"
|
||||
Pygments = "^2.12.0"
|
||||
types-python-dateutil = "^2.8.17"
|
||||
loguru = "^0.6.0"
|
||||
mdx-linkify = "^2.1"
|
||||
|
||||
[tool.poetry.dev-dependencies]
|
||||
black = "^22.3.0"
|
||||
flake8 = "^4.0.1"
|
||||
mypy = "^0.960"
|
||||
isort = "^5.10.1"
|
||||
types-requests = "^2.27.29"
|
||||
invoke = "^1.7.1"
|
||||
libsass = "^0.21.0"
|
||||
pytest = "^7.1.2"
|
||||
respx = "^0.19.2"
|
||||
boussole = "^2.0.0"
|
||||
types-bleach = "^5.0.2"
|
||||
types-Markdown = "^3.3.28"
|
||||
factory-boy = "^3.2.1"
|
||||
pytest-asyncio = "^0.18.3"
|
||||
|
||||
[build-system]
|
||||
requires = ["poetry-core>=1.0.0"]
|
||||
build-backend = "poetry.core.masonry.api"
|
||||
|
||||
[tool.isort]
|
||||
profile = "black"
|
||||
|
||||
[tool.mypy]
|
||||
exclude = ["alembic/versions/"]
|
||||
plugins = ["sqlalchemy.ext.mypy.plugin", "pydantic.mypy"]
|
||||
|
||||
[tool.black]
|
||||
extend-exclude = '''
|
||||
/(
|
||||
| alembic/versions
|
||||
)/
|
||||
'''
|
85
scripts/config_wizard.py
Normal file
85
scripts/config_wizard.py
Normal file
|
@ -0,0 +1,85 @@
|
|||
"""Basic wizard for setting up microblog.pub configuration files."""
|
||||
import os
|
||||
import sys
|
||||
from pathlib import Path
|
||||
from typing import Any
|
||||
|
||||
import bcrypt
|
||||
import tomli_w
|
||||
from markdown import markdown # type: ignore
|
||||
from prompt_toolkit import prompt
|
||||
|
||||
from app.key import generate_key
|
||||
from app.key import key_exists
|
||||
|
||||
|
||||
def main() -> None:
|
||||
print("Welcome to microblog.pub setup wizard\n")
|
||||
print("Generating key...")
|
||||
if key_exists():
|
||||
yn = ""
|
||||
while yn not in ["y", "n"]:
|
||||
yn = prompt(
|
||||
"WARNING, a key already exists, overwrite it? (y/n): ", default="n"
|
||||
).lower()
|
||||
if yn == "y":
|
||||
generate_key()
|
||||
else:
|
||||
generate_key()
|
||||
|
||||
config_file = Path("data/me.toml")
|
||||
|
||||
if config_file.exists():
|
||||
# Spit out the relative path for the "config artifacts"
|
||||
rconfig_file = "data/me.toml"
|
||||
print(
|
||||
f"Existing setup detected, please delete {rconfig_file} "
|
||||
"before restarting the wizard"
|
||||
)
|
||||
sys.exit(2)
|
||||
|
||||
dat: dict[str, Any] = {}
|
||||
print("Your identity will be @{username}@{domain}")
|
||||
dat["domain"] = prompt("domain: ")
|
||||
dat["username"] = prompt("username: ")
|
||||
dat["admin_password"] = bcrypt.hashpw(
|
||||
prompt("admin password: ", is_password=True).encode(), bcrypt.gensalt()
|
||||
).decode()
|
||||
dat["name"] = prompt("name (e.g. John Doe): ", default=dat["username"])
|
||||
dat["summary"] = markdown(
|
||||
prompt(
|
||||
(
|
||||
"summary (short description, in markdown, "
|
||||
"press [ESC] then [ENTER] to submit):\n"
|
||||
),
|
||||
multiline=True,
|
||||
)
|
||||
)
|
||||
dat["https"] = True
|
||||
proto = "https"
|
||||
yn = ""
|
||||
while yn not in ["y", "n"]:
|
||||
yn = prompt("will the site be served via https? (y/n): ", default="y").lower()
|
||||
if yn == "n":
|
||||
dat["https"] = False
|
||||
proto = "http"
|
||||
|
||||
print("Note that you can put your icon/avatar in the static/ directory")
|
||||
dat["icon_url"] = prompt(
|
||||
"icon URL: ", default=f'{proto}://{dat["domain"]}/static/nopic.png'
|
||||
)
|
||||
dat["secret"] = os.urandom(16).hex()
|
||||
|
||||
with config_file.open("w") as f:
|
||||
f.write(tomli_w.dumps(dat))
|
||||
|
||||
print("Done")
|
||||
sys.exit(0)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
try:
|
||||
main()
|
||||
except KeyboardInterrupt:
|
||||
print("Aborted")
|
||||
sys.exit(1)
|
135
scss/main.scss
Normal file
135
scss/main.scss
Normal file
|
@ -0,0 +1,135 @@
|
|||
body {
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
display: flex;
|
||||
min-height: 100vh;
|
||||
flex-direction: column;
|
||||
}
|
||||
#main {
|
||||
flex: 1;
|
||||
}
|
||||
main {
|
||||
max-width: 800px;
|
||||
margin: 20px auto;
|
||||
}
|
||||
footer {
|
||||
max-width: 800px;
|
||||
margin: 20px auto;
|
||||
}
|
||||
#notifications, #followers, #following {
|
||||
ul {
|
||||
list-style-type: none;
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
}
|
||||
li {
|
||||
display: inline-block;
|
||||
}
|
||||
}
|
||||
.actor-box {
|
||||
a {
|
||||
text-decoration: none;
|
||||
}
|
||||
}
|
||||
|
||||
#admin {
|
||||
.navbar {
|
||||
display: grid;
|
||||
grid-template-rows: auto;
|
||||
grid-template-columns: 1fr;
|
||||
grid-auto-flow: dense;
|
||||
justify-items: stretch;
|
||||
align-items: stretch;
|
||||
column-gap: 20px;
|
||||
}
|
||||
|
||||
.logo {
|
||||
grid-column:-3;
|
||||
padding: 5px;
|
||||
}
|
||||
|
||||
.menus {
|
||||
display: flex;
|
||||
flex-direction: row;
|
||||
justify-content: start;
|
||||
grid-column: 1;
|
||||
}
|
||||
|
||||
.menus * {
|
||||
padding: 5px;
|
||||
}
|
||||
}
|
||||
|
||||
nav.flexbox {
|
||||
display: flex;
|
||||
justify-content: space-between;
|
||||
align-items: center;
|
||||
|
||||
ul {
|
||||
display: flex;
|
||||
align-items: center;
|
||||
list-style-type: none;
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
|
||||
}
|
||||
|
||||
ul li {
|
||||
margin-right: 20px;
|
||||
|
||||
&:last-child {
|
||||
margin-right: 0px;
|
||||
}
|
||||
}
|
||||
}
|
||||
#admin {
|
||||
a.active {
|
||||
font-weight: bold;
|
||||
text-decoration: none;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
.activity-wrap {
|
||||
margin: 0 auto;
|
||||
padding: 30px 0;
|
||||
.actor-icon {
|
||||
width:48px;
|
||||
margin-right: 15px;
|
||||
img {
|
||||
max-width: 48px;
|
||||
}
|
||||
}
|
||||
.activity-content {
|
||||
display: flex;
|
||||
align-items:flex-start;
|
||||
.activity-header {
|
||||
width: 100%;
|
||||
strong {
|
||||
font-weight:bold;
|
||||
}
|
||||
span {
|
||||
font-weight:normal;
|
||||
margin-left: 5px;
|
||||
}
|
||||
.activity-date { float:right; }
|
||||
}
|
||||
}
|
||||
.activity-attachment {
|
||||
padding-left: 60px;
|
||||
img, audio, video {
|
||||
width: 100%;
|
||||
max-width: 740px;
|
||||
margin: 30px 0;
|
||||
}
|
||||
}
|
||||
.activity-bar {
|
||||
display: flex;
|
||||
margin-left: 60px;
|
||||
margin-top: 10px;
|
||||
.bar-item {
|
||||
display: flex;
|
||||
margin-right: 20px;
|
||||
}
|
||||
}
|
||||
}
|
67
tasks.py
Normal file
67
tasks.py
Normal file
|
@ -0,0 +1,67 @@
|
|||
from typing import Optional
|
||||
|
||||
from invoke import Context # type: ignore
|
||||
from invoke import run # type: ignore
|
||||
from invoke import task # type: ignore
|
||||
|
||||
|
||||
@task
|
||||
def generate_db_migration(ctx, message):
|
||||
# type: (Context, str) -> None
|
||||
run(f'poetry run alembic revision --autogenerate -m "{message}"', echo=True)
|
||||
|
||||
|
||||
@task
|
||||
def migrate_db(ctx):
|
||||
# type: (Context) -> None
|
||||
run("poetry run alembic upgrade head", echo=True)
|
||||
|
||||
|
||||
@task
|
||||
def autoformat(ctx):
|
||||
# type: (Context) -> None
|
||||
run("black .", echo=True)
|
||||
run("isort -sl .", echo=True)
|
||||
|
||||
|
||||
@task
|
||||
def lint(ctx):
|
||||
# type: (Context) -> None
|
||||
run("black --check .", echo=True)
|
||||
run("isort -sl --check-only .", echo=True)
|
||||
run("flake8 .", echo=True)
|
||||
run("mypy .", echo=True)
|
||||
|
||||
|
||||
@task
|
||||
def compile_scss(ctx, watch=False):
|
||||
# type: (Context, bool) -> None
|
||||
if watch:
|
||||
run("poetry run boussole watch", echo=True)
|
||||
else:
|
||||
run("poetry run boussole compile", echo=True)
|
||||
|
||||
|
||||
@task
|
||||
def uvicorn(ctx):
|
||||
# type: (Context) -> None
|
||||
run("poetry run uvicorn app.main:app --no-server-header", pty=True, echo=True)
|
||||
|
||||
|
||||
@task
|
||||
def process_outgoing_activities(ctx):
|
||||
# type: (Context) -> None
|
||||
run("poetry run python app/process_outgoing_activities.py", pty=True, echo=True)
|
||||
|
||||
|
||||
@task
|
||||
def tests(ctx, k=None):
|
||||
# type: (Context, Optional[str]) -> None
|
||||
pytest_args = " -vvv"
|
||||
if k:
|
||||
pytest_args += f" -k {k}"
|
||||
run(
|
||||
f"MICROBLOGPUB_CONFIG_FILE=tests.toml pytest tests{pytest_args}",
|
||||
pty=True,
|
||||
echo=True,
|
||||
)
|
0
tests/__init__.py
Normal file
0
tests/__init__.py
Normal file
49
tests/conftest.py
Normal file
49
tests/conftest.py
Normal file
|
@ -0,0 +1,49 @@
|
|||
from typing import Generator
|
||||
|
||||
import pytest
|
||||
from fastapi.testclient import TestClient
|
||||
from sqlalchemy import orm
|
||||
|
||||
from app.database import Base
|
||||
from app.database import engine
|
||||
from app.database import get_db
|
||||
from app.main import app
|
||||
|
||||
_Session = orm.sessionmaker(bind=engine, autocommit=False, autoflush=False)
|
||||
|
||||
|
||||
def _get_db_for_testing() -> Generator[orm.Session, None, None]:
|
||||
session = _Session()
|
||||
try:
|
||||
yield session
|
||||
finally:
|
||||
session.close()
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def db() -> Generator:
|
||||
Base.metadata.create_all(bind=engine)
|
||||
yield orm.scoped_session(orm.sessionmaker(bind=engine))
|
||||
try:
|
||||
Base.metadata.drop_all(bind=engine)
|
||||
except Exception:
|
||||
# XXX: for some reason, the teardown occasionally fails because of this
|
||||
pass
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def exclude_fastapi_middleware():
|
||||
"""Workaround for https://github.com/encode/starlette/issues/472"""
|
||||
user_middleware = app.user_middleware.copy()
|
||||
app.user_middleware = []
|
||||
app.middleware_stack = app.build_middleware_stack()
|
||||
yield
|
||||
app.user_middleware = user_middleware
|
||||
app.middleware_stack = app.build_middleware_stack()
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def client(db, exclude_fastapi_middleware) -> Generator:
|
||||
app.dependency_overrides[get_db] = _get_db_for_testing
|
||||
with TestClient(app) as c:
|
||||
yield c
|
140
tests/factories.py
Normal file
140
tests/factories.py
Normal file
|
@ -0,0 +1,140 @@
|
|||
from uuid import uuid4
|
||||
|
||||
import factory # type: ignore
|
||||
from Crypto.PublicKey import RSA
|
||||
from sqlalchemy import orm
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import actor
|
||||
from app import models
|
||||
from app.actor import RemoteActor
|
||||
from app.ap_object import RemoteObject
|
||||
from app.database import engine
|
||||
|
||||
_Session = orm.scoped_session(orm.sessionmaker(bind=engine))
|
||||
|
||||
|
||||
def generate_key() -> tuple[str, str]:
|
||||
k = RSA.generate(1024)
|
||||
return k.exportKey("PEM").decode(), k.publickey().exportKey("PEM").decode()
|
||||
|
||||
|
||||
def build_follow_activity(
|
||||
from_remote_actor: actor.RemoteActor,
|
||||
for_remote_actor: actor.RemoteActor,
|
||||
outbox_public_id: str | None = None,
|
||||
) -> ap.RawObject:
|
||||
return {
|
||||
"@context": ap.AS_CTX,
|
||||
"type": "Follow",
|
||||
"id": from_remote_actor.ap_id + "/follow/" + (outbox_public_id or uuid4().hex),
|
||||
"actor": from_remote_actor.ap_id,
|
||||
"object": for_remote_actor.ap_id,
|
||||
}
|
||||
|
||||
|
||||
def build_accept_activity(
|
||||
from_remote_actor: actor.RemoteActor,
|
||||
for_remote_object: RemoteObject,
|
||||
outbox_public_id: str | None = None,
|
||||
) -> ap.RawObject:
|
||||
return {
|
||||
"@context": ap.AS_CTX,
|
||||
"type": "Accept",
|
||||
"id": from_remote_actor.ap_id + "/accept/" + (outbox_public_id or uuid4().hex),
|
||||
"actor": from_remote_actor.ap_id,
|
||||
"object": for_remote_object.ap_id,
|
||||
}
|
||||
|
||||
|
||||
class BaseModelMeta:
|
||||
sqlalchemy_session = _Session
|
||||
sqlalchemy_session_persistence = "commit"
|
||||
|
||||
|
||||
class RemoteActorFactory(factory.Factory):
|
||||
class Meta:
|
||||
model = RemoteActor
|
||||
exclude = (
|
||||
"base_url",
|
||||
"username",
|
||||
"public_key",
|
||||
)
|
||||
|
||||
class Params:
|
||||
icon_url = None
|
||||
summary = "I like unit tests"
|
||||
|
||||
ap_actor = factory.LazyAttribute(
|
||||
lambda o: {
|
||||
"@context": ap.AS_CTX,
|
||||
"type": "Person",
|
||||
"id": o.base_url,
|
||||
"following": o.base_url + "/following",
|
||||
"followers": o.base_url + "/followers",
|
||||
# "featured": ID + "/featured",
|
||||
"inbox": o.base_url + "/inbox",
|
||||
"outbox": o.base_url + "/outbox",
|
||||
"preferredUsername": o.username,
|
||||
"name": o.username,
|
||||
"summary": o.summary,
|
||||
"endpoints": {},
|
||||
"url": o.base_url,
|
||||
"manuallyApprovesFollowers": False,
|
||||
"attachment": [],
|
||||
"icon": {},
|
||||
"publicKey": {
|
||||
"id": f"{o.base_url}#main-key",
|
||||
"owner": o.base_url,
|
||||
"publicKeyPem": o.public_key,
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
class ActorFactory(factory.alchemy.SQLAlchemyModelFactory):
|
||||
class Meta(BaseModelMeta):
|
||||
model = models.Actor
|
||||
|
||||
# ap_actor
|
||||
# ap_id
|
||||
ap_type = "Person"
|
||||
|
||||
@classmethod
|
||||
def from_remote_actor(cls, ra):
|
||||
return cls(
|
||||
ap_type=ra.ap_type,
|
||||
ap_actor=ra.ap_actor,
|
||||
ap_id=ra.ap_id,
|
||||
)
|
||||
|
||||
|
||||
class OutboxObjectFactory(factory.alchemy.SQLAlchemyModelFactory):
|
||||
class Meta(BaseModelMeta):
|
||||
model = models.OutboxObject
|
||||
|
||||
# public_id
|
||||
# relates_to_inbox_object_id
|
||||
# relates_to_outbox_object_id
|
||||
|
||||
@classmethod
|
||||
def from_remote_object(cls, public_id, ro):
|
||||
return cls(
|
||||
public_id=public_id,
|
||||
ap_type=ro.ap_type,
|
||||
ap_id=ro.ap_id,
|
||||
ap_context=ro.context,
|
||||
ap_object=ro.ap_object,
|
||||
visibility=ro.visibility,
|
||||
og_meta=ro.og_meta,
|
||||
activity_object_ap_id=ro.activity_object_ap_id,
|
||||
is_hidden_from_homepage=True if ro.in_reply_to else False,
|
||||
)
|
||||
|
||||
|
||||
class OutgoingActivityFactory(factory.alchemy.SQLAlchemyModelFactory):
|
||||
class Meta(BaseModelMeta):
|
||||
model = models.OutgoingActivity
|
||||
|
||||
# recipient
|
||||
# outbox_object_id
|
27
tests/test.key
Normal file
27
tests/test.key
Normal file
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEAvYhynEC0l2WVpXoPutfhhZHEeQyyoHiMszOfl1EHM50V0xOC
|
||||
XCoXd/i5Hsa6dWswyjftOtSmdknY5Whr6LatwNu+i/tlsjmHSGgdhUxLhbj4Xc5T
|
||||
LQWxDbS1cg49IwSZFYSIrBw2yfPI3dpMNzYvBt8CKAk0zodypHzdfSKPbSRIyBAy
|
||||
SuG+mJsxsg9tx9CgWNrizauj/zVSWa/cRvNTvIwlxs1J516QJ0px3NygKqPMP2I4
|
||||
zNkhKFzaNDLzuv4zMsW8UNoM+Mlpf6+NbHQycUC9gIqywrP21E7YFmdljyr5cAfr
|
||||
qn+KgDsQTpDSINFE1oUanY0iadKvFXjD9uQLfwIDAQABAoIBAAtqK1TjxLyVfqS/
|
||||
rDDZjZiIxedwb1WgzQCB7GulkqR2Inla5G/+jPlJvoRu/Y3SzdZv9dakNf5LxkdS
|
||||
uaUDU4WY9mnh0ycftdkThCuiA65jDHpB0dqVTCuCJadf2ijAvyN/nueWr2oMR52s
|
||||
5wgwODbWuX+Fxmtl1u63InPF4BN3kEQcGP4pgXMiQ2QEwjxMubG7fZTuHFChsZMZ
|
||||
0QyHy0atmauK8+1FeseoZv7LefgjE+UhAKnIz5z/Ij4erGRaWJUKe5YS7i8nTT6M
|
||||
W+SJ/gs/l6vOUmrqHZaXsp29pvseY23akgGnZciHJfuj/vxMJjGfZVM2ls+MUkh4
|
||||
tdEZ0NECgYEAxRGcRxhQyOdiohcsH4efG03mB7u+JBuvt33oFXWOCpW7lenAr9qg
|
||||
3hm30lZq95ST3XilqGldgIW2zpHCkSLXk/lsJteNC9EEk8HuTDJ7Gd4SBiXisELd
|
||||
IY147SJu5KXN/kaGoDMgMCGcR7Qkr6hzsRT3308A6nMNZG0viyUMzicCgYEA9jXx
|
||||
WaLe0PC8pT/yAyPJnYerSOofv+vz+3KNlopBTSRsREsCpdbyOnGCXa4bechj29Lv
|
||||
0QCbQMkga2pXUPNszdUz7L0LnAi8DZhKumPxyz82kcZSxSCGsvwp9kZju/LPCIHo
|
||||
j1wKW92/w47QXdzCVjgkKbDAGsSwzphEJOuMhukCgYBUKl9KZfIqu9f+TlND7BJi
|
||||
APUbnG1q0oBLp/R1Jc3Sa3zAXCM1d/R4pxdBODNbJhO45QwrT0Tl3TXkJ5Cnl+/m
|
||||
fQJZ3Hma8Fw6FvuFg5HbzGJ6Sbf1e7kh2WAqNyiRctb1oH1i8jLvG4u5fBCnDRTM
|
||||
Lp5mu0Ey4Ix5tcA2d05uxQKBgQDDBiePIPvt9UL4gpZo9kgViAmdUBamJ3izjCGr
|
||||
RQhE2r0Hu4L1ajWlJZRmMCuDY7/1uDhODXTs9GPBshJIBQoCYQcoVvaDOkf7XM6U
|
||||
peY5YHERN08I5qLL1AJJGaiWj9Z+nqhgJj/uVNA5Tz6tmtg1A3Nhsqf4jCShAOu5
|
||||
cvt1QQKBgH2Lg/o9KpFLeZLVXQzW3GFB7RzDetSDbpdhBBE3o/HAtrX0foEqYfKx
|
||||
JuPrlGR2L6Q8jSw7AvFErkx5g5kCgdN8mOYjCe/EsL3ctIatqaoGDrjfvgWAeanW
|
||||
XxMcVRlcMFzp5XB0VQhG0nP9uvHm/eIw/izN2JN7gz3ZZp84lq3S
|
||||
-----END RSA PRIVATE KEY-----
|
46
tests/test_actor.py
Normal file
46
tests/test_actor.py
Normal file
|
@ -0,0 +1,46 @@
|
|||
import httpx
|
||||
import respx
|
||||
|
||||
from app import models
|
||||
from app.actor import fetch_actor
|
||||
from app.database import Session
|
||||
from tests import factories
|
||||
|
||||
|
||||
def test_fetch_actor(db: Session, respx_mock) -> None:
|
||||
# Given a remote actor
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key="pk",
|
||||
)
|
||||
respx_mock.get(ra.ap_id).mock(return_value=httpx.Response(200, json=ra.ap_actor))
|
||||
|
||||
# When fetching this actor for the first time
|
||||
saved_actor = fetch_actor(db, ra.ap_id)
|
||||
|
||||
# Then it has been fetched and saved in DB
|
||||
assert respx.calls.call_count == 1
|
||||
assert db.query(models.Actor).one().ap_id == saved_actor.ap_id
|
||||
|
||||
# When fetching it a second time
|
||||
actor_from_db = fetch_actor(db, ra.ap_id)
|
||||
|
||||
# Then it's read from the DB
|
||||
assert actor_from_db.ap_id == ra.ap_id
|
||||
assert db.query(models.Actor).count() == 1
|
||||
assert respx.calls.call_count == 1
|
||||
|
||||
|
||||
def test_sqlalchemy_factory(db: Session) -> None:
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key="pk",
|
||||
)
|
||||
actor_in_db = factories.ActorFactory(
|
||||
ap_type=ra.ap_type,
|
||||
ap_actor=ra.ap_actor,
|
||||
ap_id=ra.ap_id,
|
||||
)
|
||||
assert actor_in_db.id == db.query(models.Actor).one().id
|
21
tests/test_admin.py
Normal file
21
tests/test_admin.py
Normal file
|
@ -0,0 +1,21 @@
|
|||
from fastapi.testclient import TestClient
|
||||
|
||||
from app.main import app
|
||||
|
||||
|
||||
def test_admin_endpoints_are_authenticated(client: TestClient):
|
||||
routes_tested = []
|
||||
|
||||
for route in app.routes:
|
||||
if not route.path.startswith("/admin") or route.path == "/admin/login":
|
||||
continue
|
||||
|
||||
for method in route.methods:
|
||||
resp = client.request(method, route.path)
|
||||
|
||||
# Admin routes should redirect to the login page
|
||||
assert resp.status_code == 302, f"{method} {route.path} is unauthenticated"
|
||||
assert resp.headers.get("Location") == "http://testserver/admin/login"
|
||||
routes_tested.append((method, route.path))
|
||||
|
||||
assert len(routes_tested) > 0
|
177
tests/test_httpsig.py
Normal file
177
tests/test_httpsig.py
Normal file
|
@ -0,0 +1,177 @@
|
|||
from typing import Any
|
||||
|
||||
import fastapi
|
||||
import httpx
|
||||
import pytest
|
||||
import respx
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import httpsig
|
||||
from app.httpsig import HTTPSigInfo
|
||||
from app.key import Key
|
||||
from tests import factories
|
||||
|
||||
_test_app = fastapi.FastAPI()
|
||||
|
||||
|
||||
def _httpsig_info_to_dict(httpsig_info: HTTPSigInfo) -> dict[str, Any]:
|
||||
return {
|
||||
"has_valid_signature": httpsig_info.has_valid_signature,
|
||||
"signed_by_ap_actor_id": httpsig_info.signed_by_ap_actor_id,
|
||||
}
|
||||
|
||||
|
||||
@_test_app.get("/httpsig_checker")
|
||||
def get_httpsig_checker(
|
||||
httpsig_info: httpsig.HTTPSigInfo = fastapi.Depends(httpsig.httpsig_checker),
|
||||
):
|
||||
return _httpsig_info_to_dict(httpsig_info)
|
||||
|
||||
|
||||
@_test_app.post("/enforce_httpsig")
|
||||
async def post_enforce_httpsig(
|
||||
request: fastapi.Request,
|
||||
httpsig_info: httpsig.HTTPSigInfo = fastapi.Depends(httpsig.enforce_httpsig),
|
||||
):
|
||||
await request.json()
|
||||
return _httpsig_info_to_dict(httpsig_info)
|
||||
|
||||
|
||||
def test_enforce_httpsig__no_signature(
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
with TestClient(_test_app) as client:
|
||||
response = client.post(
|
||||
"/enforce_httpsig",
|
||||
headers={"Content-Type": ap.AS_CTX},
|
||||
json={"enforce_httpsig": True},
|
||||
)
|
||||
|
||||
assert response.status_code == 401
|
||||
assert response.json()["detail"] == "Invalid HTTP sig"
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_enforce_httpsig__with_valid_signature(
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# Given a remote actor
|
||||
privkey, pubkey = factories.generate_key()
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key=pubkey,
|
||||
)
|
||||
k = Key(ra.ap_id, f"{ra.ap_id}#main-key")
|
||||
k.load(privkey)
|
||||
auth = httpsig.HTTPXSigAuth(k)
|
||||
respx_mock.get(ra.ap_id).mock(return_value=httpx.Response(200, json=ra.ap_actor))
|
||||
|
||||
httpsig._get_public_key.cache_clear()
|
||||
|
||||
async with httpx.AsyncClient(app=_test_app, base_url="http://test") as client:
|
||||
response = await client.post(
|
||||
"/enforce_httpsig",
|
||||
headers={"Content-Type": ap.AS_CTX},
|
||||
json={"enforce_httpsig": True},
|
||||
auth=auth, # type: ignore
|
||||
)
|
||||
assert response.status_code == 200
|
||||
|
||||
json_response = response.json()
|
||||
|
||||
assert json_response["has_valid_signature"] is True
|
||||
assert json_response["signed_by_ap_actor_id"] == ra.ap_id
|
||||
|
||||
|
||||
def test_httpsig_checker__no_signature(
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
with TestClient(_test_app) as client:
|
||||
response = client.get(
|
||||
"/httpsig_checker",
|
||||
headers={"Accept": ap.AS_CTX},
|
||||
)
|
||||
|
||||
assert response.status_code == 200
|
||||
json_response = response.json()
|
||||
assert json_response["has_valid_signature"] is False
|
||||
assert json_response["signed_by_ap_actor_id"] is None
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_httpsig_checker__with_valid_signature(
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# Given a remote actor
|
||||
privkey, pubkey = factories.generate_key()
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key=pubkey,
|
||||
)
|
||||
respx_mock.get(ra.ap_id).mock(return_value=httpx.Response(200, json=ra.ap_actor))
|
||||
k = Key(ra.ap_id, f"{ra.ap_id}#main-key")
|
||||
k.load(privkey)
|
||||
auth = httpsig.HTTPXSigAuth(k)
|
||||
|
||||
httpsig._get_public_key.cache_clear()
|
||||
|
||||
async with httpx.AsyncClient(app=_test_app, base_url="http://test") as client:
|
||||
response = await client.get(
|
||||
"/httpsig_checker",
|
||||
headers={"Accept": ap.AS_CTX},
|
||||
auth=auth, # type: ignore
|
||||
)
|
||||
|
||||
assert response.status_code == 200
|
||||
json_response = response.json()
|
||||
|
||||
assert json_response["has_valid_signature"] is True
|
||||
assert json_response["signed_by_ap_actor_id"] == ra.ap_id
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_httpsig_checker__with_invvalid_signature(
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# Given a remote actor
|
||||
privkey, pubkey = factories.generate_key()
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key=pubkey,
|
||||
)
|
||||
k = Key(ra.ap_id, f"{ra.ap_id}#main-key")
|
||||
k.load(privkey)
|
||||
auth = httpsig.HTTPXSigAuth(k)
|
||||
|
||||
ra2_privkey, ra2_pubkey = factories.generate_key()
|
||||
ra2 = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key=ra2_pubkey,
|
||||
)
|
||||
assert ra.ap_id == ra2.ap_id
|
||||
respx_mock.get(ra.ap_id).mock(return_value=httpx.Response(200, json=ra2.ap_actor))
|
||||
|
||||
httpsig._get_public_key.cache_clear()
|
||||
|
||||
async with httpx.AsyncClient(app=_test_app, base_url="http://test") as client:
|
||||
response = await client.get(
|
||||
"/httpsig_checker",
|
||||
headers={"Accept": ap.AS_CTX},
|
||||
auth=auth, # type: ignore
|
||||
)
|
||||
|
||||
assert response.status_code == 200
|
||||
json_response = response.json()
|
||||
|
||||
assert json_response["has_valid_signature"] is False
|
||||
assert json_response["signed_by_ap_actor_id"] == ra.ap_id
|
134
tests/test_inbox.py
Normal file
134
tests/test_inbox.py
Normal file
|
@ -0,0 +1,134 @@
|
|||
from uuid import uuid4
|
||||
|
||||
import httpx
|
||||
import respx
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
from app import activitypub as ap
|
||||
from app import models
|
||||
from app.actor import LOCAL_ACTOR
|
||||
from app.ap_object import RemoteObject
|
||||
from app.database import Session
|
||||
from tests import factories
|
||||
from tests.utils import mock_httpsig_checker
|
||||
|
||||
|
||||
def test_inbox_requires_httpsig(
|
||||
client: TestClient,
|
||||
):
|
||||
response = client.post(
|
||||
"/inbox",
|
||||
headers={"Content-Type": ap.AS_CTX},
|
||||
json={},
|
||||
)
|
||||
assert response.status_code == 401
|
||||
assert response.json()["detail"] == "Invalid HTTP sig"
|
||||
|
||||
|
||||
def test_inbox_follow_request(
|
||||
db: Session,
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# Given a remote actor
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key="pk",
|
||||
)
|
||||
respx_mock.get(ra.ap_id).mock(return_value=httpx.Response(200, json=ra.ap_actor))
|
||||
|
||||
# When sending a Follow activity
|
||||
follow_activity = RemoteObject(
|
||||
factories.build_follow_activity(
|
||||
from_remote_actor=ra,
|
||||
for_remote_actor=LOCAL_ACTOR,
|
||||
)
|
||||
)
|
||||
with mock_httpsig_checker(ra):
|
||||
response = client.post(
|
||||
"/inbox",
|
||||
headers={"Content-Type": ap.AS_CTX},
|
||||
json=follow_activity.ap_object,
|
||||
)
|
||||
|
||||
# Then the server returns a 204
|
||||
assert response.status_code == 204
|
||||
|
||||
# And the actor was saved in DB
|
||||
saved_actor = db.query(models.Actor).one()
|
||||
assert saved_actor.ap_id == ra.ap_id
|
||||
|
||||
# And the Follow activity was saved in the inbox
|
||||
inbox_object = db.query(models.InboxObject).one()
|
||||
assert inbox_object.ap_object == follow_activity.ap_object
|
||||
|
||||
# And a follower was internally created
|
||||
follower = db.query(models.Follower).one()
|
||||
assert follower.ap_actor_id == ra.ap_id
|
||||
assert follower.actor_id == saved_actor.id
|
||||
assert follower.inbox_object_id == inbox_object.id
|
||||
|
||||
# And an Accept activity was created in the outbox
|
||||
outbox_object = db.query(models.OutboxObject).one()
|
||||
assert outbox_object.ap_type == "Accept"
|
||||
assert outbox_object.activity_object_ap_id == follow_activity.ap_id
|
||||
|
||||
# And an outgoing activity was created to track the Accept activity delivery
|
||||
outgoing_activity = db.query(models.OutgoingActivity).one()
|
||||
assert outgoing_activity.outbox_object_id == outbox_object.id
|
||||
|
||||
|
||||
def test_inbox_accept_follow_request(
|
||||
db: Session,
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# Given a remote actor
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key="pk",
|
||||
)
|
||||
respx_mock.get(ra.ap_id).mock(return_value=httpx.Response(200, json=ra.ap_actor))
|
||||
actor_in_db = factories.ActorFactory.from_remote_actor(ra)
|
||||
|
||||
# And a Follow activity in the outbox
|
||||
follow_id = uuid4().hex
|
||||
follow_from_outbox = RemoteObject(
|
||||
factories.build_follow_activity(
|
||||
from_remote_actor=LOCAL_ACTOR,
|
||||
for_remote_actor=ra,
|
||||
outbox_public_id=follow_id,
|
||||
)
|
||||
)
|
||||
outbox_object = factories.OutboxObjectFactory.from_remote_object(
|
||||
follow_id, follow_from_outbox
|
||||
)
|
||||
|
||||
# When sending a Accept activity
|
||||
accept_activity = RemoteObject(
|
||||
factories.build_accept_activity(
|
||||
from_remote_actor=ra,
|
||||
for_remote_object=follow_from_outbox,
|
||||
)
|
||||
)
|
||||
with mock_httpsig_checker(ra):
|
||||
response = client.post(
|
||||
"/inbox",
|
||||
headers={"Content-Type": ap.AS_CTX},
|
||||
json=accept_activity.ap_object,
|
||||
)
|
||||
|
||||
# Then the server returns a 204
|
||||
assert response.status_code == 204
|
||||
|
||||
# And the Accept activity was saved in the inbox
|
||||
inbox_activity = db.query(models.InboxObject).one()
|
||||
assert inbox_activity.ap_type == "Accept"
|
||||
assert inbox_activity.relates_to_outbox_object_id == outbox_object.id
|
||||
assert inbox_activity.actor_id == actor_in_db.id
|
||||
|
||||
# And a following entry was created internally
|
||||
following = db.query(models.Following).one()
|
||||
assert following.ap_actor_id == actor_in_db.ap_id
|
46
tests/test_outbox.py
Normal file
46
tests/test_outbox.py
Normal file
|
@ -0,0 +1,46 @@
|
|||
import httpx
|
||||
import respx
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
from app import models
|
||||
from app.config import generate_csrf_token
|
||||
from app.database import Session
|
||||
from tests import factories
|
||||
from tests.utils import generate_admin_session_cookies
|
||||
|
||||
|
||||
def test_send_follow_request(
|
||||
db: Session,
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# Given a remote actor
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key="pk",
|
||||
)
|
||||
respx_mock.get(ra.ap_id).mock(return_value=httpx.Response(200, json=ra.ap_actor))
|
||||
|
||||
response = client.post(
|
||||
"/admin/actions/follow",
|
||||
data={
|
||||
"redirect_url": "http://testserver/",
|
||||
"ap_actor_id": ra.ap_id,
|
||||
"csrf_token": generate_csrf_token(),
|
||||
},
|
||||
cookies=generate_admin_session_cookies(),
|
||||
)
|
||||
|
||||
# Then the server returns a 302
|
||||
assert response.status_code == 302
|
||||
assert response.headers.get("Location") == "http://testserver/"
|
||||
|
||||
# And the Follow activity was created in the outbox
|
||||
outbox_object = db.query(models.OutboxObject).one()
|
||||
assert outbox_object.ap_type == "Follow"
|
||||
assert outbox_object.activity_object_ap_id == ra.ap_id
|
||||
|
||||
# And an outgoing activity was queued
|
||||
outgoing_activity = db.query(models.OutgoingActivity).one()
|
||||
assert outgoing_activity.outbox_object_id == outbox_object.id
|
180
tests/test_process_outgoing_activities.py
Normal file
180
tests/test_process_outgoing_activities.py
Normal file
|
@ -0,0 +1,180 @@
|
|||
from uuid import uuid4
|
||||
|
||||
import httpx
|
||||
import respx
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
from app import models
|
||||
from app.actor import LOCAL_ACTOR
|
||||
from app.ap_object import RemoteObject
|
||||
from app.database import Session
|
||||
from app.process_outgoing_activities import _MAX_RETRIES
|
||||
from app.process_outgoing_activities import new_outgoing_activity
|
||||
from app.process_outgoing_activities import process_next_outgoing_activity
|
||||
from tests import factories
|
||||
|
||||
|
||||
def _setup_outbox_object() -> models.OutboxObject:
|
||||
ra = factories.RemoteActorFactory(
|
||||
base_url="https://example.com",
|
||||
username="toto",
|
||||
public_key="pk",
|
||||
)
|
||||
|
||||
# And a Follow activity in the outbox
|
||||
follow_id = uuid4().hex
|
||||
follow_from_outbox = RemoteObject(
|
||||
factories.build_follow_activity(
|
||||
from_remote_actor=LOCAL_ACTOR,
|
||||
for_remote_actor=ra,
|
||||
outbox_public_id=follow_id,
|
||||
)
|
||||
)
|
||||
outbox_object = factories.OutboxObjectFactory.from_remote_object(
|
||||
follow_id, follow_from_outbox
|
||||
)
|
||||
return outbox_object
|
||||
|
||||
|
||||
def test_new_outgoing_activity(
|
||||
db: Session,
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
outbox_object = _setup_outbox_object()
|
||||
inbox_url = "https://example.com/inbox"
|
||||
|
||||
# When queuing the activity
|
||||
outgoing_activity = new_outgoing_activity(db, inbox_url, outbox_object.id)
|
||||
|
||||
assert db.query(models.OutgoingActivity).one() == outgoing_activity
|
||||
assert outgoing_activity.outbox_object_id == outbox_object.id
|
||||
assert outgoing_activity.recipient == inbox_url
|
||||
|
||||
|
||||
def test_process_next_outgoing_activity__no_next_activity(
|
||||
db: Session,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
assert process_next_outgoing_activity(db) is False
|
||||
|
||||
|
||||
def test_process_next_outgoing_activity__server_200(
|
||||
db: Session,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# And an outgoing activity
|
||||
outbox_object = _setup_outbox_object()
|
||||
|
||||
recipient_inbox_url = "https://example.com/users/toto/inbox"
|
||||
respx_mock.post(recipient_inbox_url).mock(return_value=httpx.Response(204))
|
||||
|
||||
outgoing_activity = factories.OutgoingActivityFactory(
|
||||
recipient=recipient_inbox_url,
|
||||
outbox_object_id=outbox_object.id,
|
||||
)
|
||||
|
||||
# When processing the next outgoing activity
|
||||
# Then it is processed
|
||||
assert process_next_outgoing_activity(db) is True
|
||||
|
||||
assert respx_mock.calls.call_count == 1
|
||||
|
||||
outgoing_activity = db.query(models.OutgoingActivity).one()
|
||||
assert outgoing_activity.is_sent is True
|
||||
assert outgoing_activity.last_status_code == 204
|
||||
assert outgoing_activity.error is None
|
||||
assert outgoing_activity.is_errored is False
|
||||
|
||||
|
||||
def test_process_next_outgoing_activity__error_500(
|
||||
db: Session,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
outbox_object = _setup_outbox_object()
|
||||
recipient_inbox_url = "https://example.com/inbox"
|
||||
respx_mock.post(recipient_inbox_url).mock(
|
||||
return_value=httpx.Response(500, text="oops")
|
||||
)
|
||||
|
||||
# And an outgoing activity
|
||||
outgoing_activity = factories.OutgoingActivityFactory(
|
||||
recipient=recipient_inbox_url,
|
||||
outbox_object_id=outbox_object.id,
|
||||
)
|
||||
|
||||
# When processing the next outgoing activity
|
||||
# Then it is processed
|
||||
assert process_next_outgoing_activity(db) is True
|
||||
|
||||
assert respx_mock.calls.call_count == 1
|
||||
|
||||
outgoing_activity = db.query(models.OutgoingActivity).one()
|
||||
assert outgoing_activity.is_sent is False
|
||||
assert outgoing_activity.last_status_code == 500
|
||||
assert outgoing_activity.last_response == "oops"
|
||||
assert outgoing_activity.is_errored is False
|
||||
assert outgoing_activity.tries == 1
|
||||
|
||||
|
||||
def test_process_next_outgoing_activity__connect_error(
|
||||
db: Session,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
outbox_object = _setup_outbox_object()
|
||||
recipient_inbox_url = "https://example.com/inbox"
|
||||
respx_mock.post(recipient_inbox_url).mock(side_effect=httpx.ConnectError)
|
||||
|
||||
# And an outgoing activity
|
||||
outgoing_activity = factories.OutgoingActivityFactory(
|
||||
recipient=recipient_inbox_url,
|
||||
outbox_object_id=outbox_object.id,
|
||||
)
|
||||
|
||||
# When processing the next outgoing activity
|
||||
# Then it is processed
|
||||
assert process_next_outgoing_activity(db) is True
|
||||
|
||||
assert respx_mock.calls.call_count == 1
|
||||
|
||||
outgoing_activity = db.query(models.OutgoingActivity).one()
|
||||
assert outgoing_activity.is_sent is False
|
||||
assert outgoing_activity.error is not None
|
||||
assert outgoing_activity.tries == 1
|
||||
|
||||
|
||||
def test_process_next_outgoing_activity__errored(
|
||||
db: Session,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
outbox_object = _setup_outbox_object()
|
||||
recipient_inbox_url = "https://example.com/inbox"
|
||||
respx_mock.post(recipient_inbox_url).mock(
|
||||
return_value=httpx.Response(500, text="oops")
|
||||
)
|
||||
|
||||
# And an outgoing activity
|
||||
outgoing_activity = factories.OutgoingActivityFactory(
|
||||
recipient=recipient_inbox_url,
|
||||
outbox_object_id=outbox_object.id,
|
||||
tries=_MAX_RETRIES - 1,
|
||||
)
|
||||
|
||||
# When processing the next outgoing activity
|
||||
# Then it is processed
|
||||
assert process_next_outgoing_activity(db) is True
|
||||
|
||||
assert respx_mock.calls.call_count == 1
|
||||
|
||||
outgoing_activity = db.query(models.OutgoingActivity).one()
|
||||
assert outgoing_activity.is_sent is False
|
||||
assert outgoing_activity.last_status_code == 500
|
||||
assert outgoing_activity.last_response == "oops"
|
||||
assert outgoing_activity.is_errored is True
|
||||
|
||||
# And it is skipped from processing
|
||||
assert process_next_outgoing_activity(db) is False
|
||||
|
||||
|
||||
# TODO(ts):
|
||||
# - parse retry after
|
30
tests/test_public.py
Normal file
30
tests/test_public.py
Normal file
|
@ -0,0 +1,30 @@
|
|||
import pytest
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
from app.database import Session
|
||||
|
||||
_ACCEPTED_AP_HEADERS = [
|
||||
"application/activity+json",
|
||||
"application/activity+json; charset=utf-8",
|
||||
"application/ld+json",
|
||||
'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
|
||||
]
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
def test_index(db: Session, client: TestClient):
|
||||
response = client.get("/")
|
||||
assert response.status_code == 200
|
||||
|
||||
|
||||
@pytest.mark.parametrize("accept", _ACCEPTED_AP_HEADERS)
|
||||
def test__ap_version(client, db, accept: str) -> None:
|
||||
response = client.get("/followers", headers={"Accept": accept})
|
||||
assert response.status_code == 200
|
||||
assert response.headers["content-type"] == "application/activity+json"
|
||||
assert response.json()["id"].endswith("/followers")
|
||||
|
||||
|
||||
def test__html(client, db) -> None:
|
||||
response = client.get("/followers", headers={"Accept": "application/activity+json"})
|
||||
assert response.status_code == 200
|
29
tests/utils.py
Normal file
29
tests/utils.py
Normal file
|
@ -0,0 +1,29 @@
|
|||
from contextlib import contextmanager
|
||||
|
||||
import fastapi
|
||||
|
||||
from app import actor
|
||||
from app import httpsig
|
||||
from app.config import session_serializer
|
||||
from app.main import app
|
||||
|
||||
|
||||
@contextmanager
|
||||
def mock_httpsig_checker(ra: actor.RemoteActor):
|
||||
async def httpsig_checker(
|
||||
request: fastapi.Request,
|
||||
) -> httpsig.HTTPSigInfo:
|
||||
return httpsig.HTTPSigInfo(
|
||||
has_valid_signature=True,
|
||||
signed_by_ap_actor_id=ra.ap_id,
|
||||
)
|
||||
|
||||
app.dependency_overrides[httpsig.httpsig_checker] = httpsig_checker
|
||||
try:
|
||||
yield
|
||||
finally:
|
||||
del app.dependency_overrides[httpsig.httpsig_checker]
|
||||
|
||||
|
||||
def generate_admin_session_cookies() -> dict[str, str]:
|
||||
return {"session": session_serializer.dumps({"is_logged_in": True})}
|
Loading…
Reference in a new issue