Robosats/robosats
1
0
Fork 0
mirror of https://github.com/RoboSats/robosats.git synced 2025-09-06 00:04:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update middlewares errors

Browse Source
This commit is contained in:
aftermath2
2023-04-01 12:00:00 +00:00
parent d3e053fb57
commit 4fd16c5e73
1 changed files with 4 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
robosats/middleware.py
View File

@ -9,6 +9,7 @@ from django.utils.deprecation import MiddlewareMixin
from django.http import JsonResponse from django.http import JsonResponse
from rest_framework.authtoken.models import Token from rest_framework.authtoken.models import Token
from api.errors import new_error
from api.nick_generator.nick_generator import NickGenerator from api.nick_generator.nick_generator import NickGenerator
from api.utils import base91_to_hex, hex_to_base91, is_valid_token, validate_pgp_keys from api.utils import base91_to_hex, hex_to_base91, is_valid_token, validate_pgp_keys
@ -75,12 +76,7 @@ class RobotTokenSHA256AuthenticationMiddleWare:
return response return response
if not is_valid_token(token_sha256_b91): if not is_valid_token(token_sha256_b91):
return JsonResponse( return JsonResponse(new_error(7000), status=400)
{
"bad_request": "Robot token SHA256 was provided in the header. However it is not a valid 39 or 40 characters Base91 string."
},
status=400,
)
# Check if it is an existing robot. # Check if it is an existing robot.
try: try:
@ -127,12 +123,7 @@ class RobotTokenSHA256AuthenticationMiddleWare:
encrypted_private_key = request.COOKIES.get("encrypted_private_key", "") encrypted_private_key = request.COOKIES.get("encrypted_private_key", "")
if not public_key or not encrypted_private_key or not nostr_pubkey: if not public_key or not encrypted_private_key or not nostr_pubkey:
return JsonResponse( return JsonResponse(new_error(7001), status=400)
{
"bad_request": "On the first request to a RoboSats coordinator, you must provide as well a valid public and encrypted private PGP keys and a nostr pubkey"
},
status=400,
)
( (
valid, valid,
@ -141,7 +132,7 @@ class RobotTokenSHA256AuthenticationMiddleWare:
encrypted_private_key, encrypted_private_key,
) = validate_pgp_keys(public_key, encrypted_private_key) ) = validate_pgp_keys(public_key, encrypted_private_key)
if not valid: if not valid:
return JsonResponse({"bad_request": bad_keys_context}, status=400) return JsonResponse(new_error(7002, {"bad_keys_context": bad_keys_context}), status=400)
# Hash the token_sha256, only 1 iteration. # Hash the token_sha256, only 1 iteration.
# This is the second SHA256 of the user token, aka RoboSats ID # This is the second SHA256 of the user token, aka RoboSats ID