add some returns, don't serve blob from banned user

moth11.net / rvcx

fork atom

backend for xcvr appview

fork atom

moth11.net 5 months ago bd64bb27 0da36d47

+10

2 changed files

expand all

unified split

server

internal

handler

lrcHandlers.go

oauthHandlers.go

server/internal/handler/lrcHandlers.go

··· 241 241 h.serverError(w, errors.New("empty did")) 242 242 return 243 243 } 244 + ib, _ := h.db.IsBanned(did, r.Context()) 245 + if ib { 246 + h.badRequest(w, errors.New("i don't serve banned content")) 247 + return 248 + } 244 249 if cid == "" { 245 250 cid = vals.Get("cid") 246 251 } 247 252 if cid == "" { 248 253 h.serverError(w, errors.New("empty cid")) 254 + return 249 255 } 250 256 imgPath, err := h.rm.AddImageToCache(did, cid, r.Context()) 251 257 if err != nil {

server/internal/handler/oauthHandlers.go

··· 21 21 key, err := oauth.GetPrivateKey() 22 22 if err != nil { 23 23 h.serverError(w, err) 24 + return 24 25 } 25 26 pubKey, err := key.PublicKey() 26 27 if err != nil { 27 28 h.serverError(w, err) 29 + return 28 30 } 29 31 ro, err := pubKey.JWK() 30 32 if err != nil { 31 33 h.serverError(w, err) 34 + return 32 35 } 33 36 34 37 cski := os.Getenv("CLIENT_SECRET_KEY_ID") ··· 186 189 err = r.ParseForm() 187 190 if err != nil { 188 191 h.badRequest(w, err) 192 + return 189 193 } 190 194 userhandle := r.FormValue("user") 191 195 userdid, err := atputils.GetDidFromHandle(r.Context(), userhandle)