
Add more auth checks

juprodh c7239968 758cb41f

+14 -3
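--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -1,6 +1,6 @@
 import { staticPlugin } from "@elysiajs/static";
 import { Elysia } from "elysia";
-import { isAuthEnabled } from "../atproto/env.ts";
+import { getAtprotoEnv, getDevPdsUrl, isAuthEnabled } from "../atproto/env.ts";
 import { atprotoRoutes } from "../atproto/routes.ts";
 import { AppError } from "../lib/errors.ts";
 import { getDb } from "./db/index.ts";
@@ -14,6 +14,15 @@
 import { profileRoutes } from "./routes/profile.ts";
 import { searchRoutes } from "./routes/search.ts";
 import { wikiRoutes } from "./routes/wiki.ts";
+
+// Dev and prod OAuth configurations must not coexist: the dev-session fallback
+// trusts a `did=` cookie without a password check, so a prod instance with
+// DEV_PDS_URL set would allow impersonation.
+if (getAtprotoEnv() !== null && getDevPdsUrl() !== null) {
+  throw new Error(
+    "Dev and prod OAuth configurations are mutually exclusive — unset DEV_PDS_URL or the OAuth env vars (PUBLIC_URL / OAUTH_PRIVATE_KEY_PATH).",
+  );
+}
 
 // Initialize database on startup
 getDb();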
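Review bot: The mutual-exclusion guard at new lines 21-25 is enforced only from this entrypoint, and only after every static import above it has already been evaluated, so any import-time work in `../atproto/session.ts` or `./db/index.ts`, or a script that imports the session module without going through `src/server/index.ts`, reaches the `did=` cookie fallback described in the comment without ever hitting this check (inferred — the fallback itself is not in this diff). Consider enforcing the rule where the configuration is read as well, e.g. have `getDevPdsUrl()` (or the dev-session fallback) refuse to return a value when `getAtprotoEnv() !== null`, and keep this top-level check as the fast-fail. A short comment above the `if` such as `// Defense in depth: env.ts should reject this combination too; this check only covers the server entrypoint` would make that intent explicit for the next maintainer.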
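--- a/src/server/routes/blob.ts
+++ b/src/server/routes/blob.ts
@@ -2,7 +2,8 @@
 import { join, resolve } from "node:path";
 import { Elysia } from "elysia";
 import { isAuthEnabled } from "../../atproto/env.ts";
-import { getAgent, getSessionFromRequest } from "../../atproto/session.ts";
+import { getAgent } from "../../atproto/session.ts";
+import { resolveRequestContext } from "../../lib/access.ts";
 import { MIME_TO_EXT } from "../../lib/constants.ts";
 import { formatError } from "../../lib/errors.ts";
 import { resolvePdsEndpoint } from "../../lib/identity.ts";
@@ -41,7 +42,7 @@
     });
   }
 
-  const session = await getSessionFromRequest(request);
+  const { session } = await resolveRequestContext(request);
 
   if (!session && isAuthEnabled()) {
     return new Response(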
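Review bot: The handler still makes its own authorization decision with `if (!session && isAuthEnabled())` immediately after the new `resolveRequestContext(request)` call, taking only `session` from the context and discarding whatever else it returns, so the route-level gate is duplicated rather than centralized. If `resolveRequestContext` is meant to be the single place that resolves the caller's identity (presumably including the dev-session fallback), a gate that lives here can drift from it; consider having the helper return the auth decision, or at least add `// Only the session is needed here; keep this gate consistent with lib/access.ts` above the `if`. The enclosing handler starts and ends outside the hunk.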
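--- a/src/views/layout.ts
+++ b/src/views/layout.ts
@@ -257,6 +257,7 @@
       <span class="mx-2">&middot;</span>
       <a href="https://tangled.org/juprodh.bsky.social/lichen.wiki" target="_blank" rel="noopener noreferrer" class="hover:underline">${msg.home.sourceCode}</a>
     </footer>
+    <script data-goatcounter="https://stats.lichen.wiki/count" async src="//stats.lichen.wiki/count.js"></script>
   </body>
 </html>`;
 }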
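Review bot: The analytics tag added at new line 260 loads `//stats.lichen.wiki/count.js` via a protocol-relative URL, so on any page served over plain HTTP (local dev, a proxy that terminates TLS upstream) the script is fetched without TLS and can be modified in transit while the `data-goatcounter` endpoint on the same line is already pinned to `https://`. Use the explicit scheme, `src="https://stats.lichen.wiki/count.js"`, and if the served file is versioned add `integrity` and `crossorigin` attributes so the browser rejects a tampered copy. If a Content-Security-Policy is set elsewhere (not visible here), its `script-src` will also need to allow that host for the tag to execute. The enclosing template function starts outside the hunk.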