Fix #1438
This commit is contained in:
parent
ea9c4de45b
commit
7410aa9b37
@ -1,8 +1,9 @@
|
|||||||
|
import * as mongo from 'mongodb';
|
||||||
import * as Router from 'koa-router';
|
import * as Router from 'koa-router';
|
||||||
|
|
||||||
import config from '../config';
|
import config from '../config';
|
||||||
import parseAcct from '../acct/parse';
|
import parseAcct from '../acct/parse';
|
||||||
import User from '../models/user';
|
import User, { IUser } from '../models/user';
|
||||||
|
|
||||||
// Init router
|
// Init router
|
||||||
const router = new Router();
|
const router = new Router();
|
||||||
@ -14,27 +15,38 @@ router.get('/.well-known/webfinger', async ctx => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
const resourceLower = ctx.query.resource.toLowerCase();
|
const resourceLower = ctx.query.resource.toLowerCase();
|
||||||
const webPrefix = config.url.toLowerCase() + '/@';
|
|
||||||
let acctLower;
|
let acctLower;
|
||||||
|
let id;
|
||||||
|
|
||||||
if (resourceLower.startsWith(webPrefix)) {
|
if (resourceLower.startsWith(config.url.toLowerCase() + '/@')) {
|
||||||
acctLower = resourceLower.slice(webPrefix.length);
|
acctLower = resourceLower.split('/').pop();
|
||||||
|
} else if (resourceLower.startsWith(config.url.toLowerCase() + '/users/')) {
|
||||||
|
id = new mongo.ObjectID(resourceLower.split('/').pop());
|
||||||
} else if (resourceLower.startsWith('acct:')) {
|
} else if (resourceLower.startsWith('acct:')) {
|
||||||
acctLower = resourceLower.slice('acct:'.length);
|
acctLower = resourceLower.slice('acct:'.length);
|
||||||
} else {
|
} else {
|
||||||
acctLower = resourceLower;
|
acctLower = resourceLower;
|
||||||
}
|
}
|
||||||
|
|
||||||
const parsedAcctLower = parseAcct(acctLower);
|
let user: IUser;
|
||||||
if (![null, config.host.toLowerCase()].includes(parsedAcctLower.host)) {
|
|
||||||
ctx.status = 422;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
const user = await User.findOne({
|
if (acctLower) {
|
||||||
usernameLower: parsedAcctLower.username,
|
const parsedAcctLower = parseAcct(acctLower);
|
||||||
host: null
|
if (![null, config.host.toLowerCase()].includes(parsedAcctLower.host)) {
|
||||||
});
|
ctx.status = 422;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
user = await User.findOne({
|
||||||
|
usernameLower: parsedAcctLower.username,
|
||||||
|
host: null
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
user = await User.findOne({
|
||||||
|
_id: id,
|
||||||
|
host: null
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
if (user === null) {
|
if (user === null) {
|
||||||
ctx.status = 404;
|
ctx.status = 404;
|
||||||
|
Loading…
Reference in New Issue
Block a user