diff options
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/api/v1/accounts_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/concerns/signature_verification.rb | 7 |
2 files changed, 7 insertions, 2 deletions
diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb index 1d5372a8c..f711c4676 100644 --- a/app/controllers/api/v1/accounts_controller.rb +++ b/app/controllers/api/v1/accounts_controller.rb @@ -17,7 +17,7 @@ class Api::V1::AccountsController < Api::BaseController end def follow - FollowService.new.call(current_user.account, @account.acct, reblogs: truthy_param?(:reblogs)) + FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs)) options = @account.locked? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } } diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb index e5d5e2ca6..7e491641b 100644 --- a/app/controllers/concerns/signature_verification.rb +++ b/app/controllers/concerns/signature_verification.rb @@ -43,7 +43,12 @@ module SignatureVerification return end - account = account_from_key_id(signature_params['keyId']) + account_stoplight = Stoplight("source:#{request.ip}") { account_from_key_id(signature_params['keyId']) } + .with_fallback { nil } + .with_threshold(1) + .with_cool_off_time(5.minutes.seconds) + + account = account_stoplight.run if account.nil? @signature_verification_failure_reason = "Public key not found for key #{signature_params['keyId']}" |