merge authentication and signature middlewares

2020-02-18 01:05:34 -05:00 · 2020-02-18 01:05:34 -05:00 · 859fde7648
parent 0468c1f67d
commit 859fde7648
2 changed files with 19 additions and 34 deletions
--- a/uncia/middleware.py
+++ b/uncia/middleware.py
@ -30,39 +30,6 @@ async def query_post_dict(request):


 async def authentication(request):
-	accept = True if 'json' in request.headers.get('accept', '') or request.path.startswith('/api') else None
-
-	if not get.config('setup') and not request.path.startswith(('/setup', '/style')):
-		return response.redirect('/setup') if not accept else response.json({'error': 'relay not setup yet'}, status=401)
-
-	apitoken = request.headers.get('token')
-	token = request.cookies.get('token')
-
-	if not get.user('all') and not accept and request.path.startswith(('/admin', '/login')):
-		return response.redirect('/register')
-
-	if request.path.startswith(('/api', '/admin')) and (not token or not get.token(token)):
-		if accept:
-			return error(request, 'Missing or invalid token', 401) if accept else await Login().get(request)
-
-		else:
-			return response.redirect('/login')
-
-
-async def signatures(request):
-	debug = False
-
-	if debug:
-		try:
-			data = request.json
-
-		except:
-			data = {}
-
-		if request.path == '/inbox':
-			logging.info(f'headers: {request.headers}')
-			logging.info(f'body: {request.body}')
-
 	if request.path == '/inbox':
 		valid = validate(request)
 		data = request.json
@ -72,3 +39,22 @@ async def signatures(request):

 		if not valid:
 			return error(request, 'Invalid signature', 401)
+
+	else:
+		accept = True if 'json' in request.headers.get('accept', '') or request.path.startswith('/api') else None
+
+		if not get.config('setup') and not request.path.startswith(('/setup', '/style')):
+			return response.redirect('/setup') if not accept else response.json({'error': 'relay not setup yet'}, status=401)
+
+		apitoken = request.headers.get('token')
+		token = request.cookies.get('token')
+
+		if not get.user('all') and not accept and request.path.startswith(('/admin', '/login')):
+			return response.redirect('/register')
+
+		if request.path.startswith(('/api', '/admin')) and (not token or not get.token(token)):
+			if accept:
+				return error(request, 'Missing or invalid token', 401) if accept else await Login().get(request)
+
+			else:
+				return response.redirect('/login')
--- a/uncia/server.py
+++ b/uncia/server.py
@ -22,7 +22,6 @@ app.config.FORWARDED_SECRET = fwsecret
 # Register middlewares
 app.register_middleware(mw.authentication)
 app.register_middleware(mw.query_post_dict)
-app.register_middleware(mw.signatures)
 app.register_middleware(mw.access_log, attach_to='response')

 # Register error handlers