An easy-to-host PDS on the ATProtocol, iPhone and MacOS. Maintain control of your keys and data, always.

feat(relay): implement GET /xrpc/com.atproto.server.getSession (MM-81) #55

open opened by malpercio.dev targeting main from malpercio/mm-81-xrpc-comatprotoservergetsession

Summary

  • Adds GET /xrpc/com.atproto.server.getSession — the first authenticated XRPC route
  • Accepts both legacy HS256 tokens (from createSession) and ES256 OAuth access tokens via the AuthenticatedUser extractor; rejects refresh-scope tokens with InvalidToken
  • Returns { did, handle, email, emailConfirmed, didDoc } with didDoc omitted when no document is stored for the account
  • Adds get_session_account DB query (single JOIN over accounts + handles + did_documents)
  • Removes placeholder #[allow(dead_code)] from AuthenticatedUser and AuthScope

Test plan

  • 8 unit tests covering: valid token, confirmed email, DID doc present, missing auth, invalid token, expired token, refresh token rejected, deactivated account
  • app.rs 501 test updated to use refreshSession NSID
  • Manual: createSession → use accessJwt against getSession via Bruno (get_session.bru)
  • Manual: verify expired/tampered token returns 401 with correct error codes
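
The access-control decision described in the summary, as an added example that is not code from this pull request or from the project: only access-scope tokens reach the account lookup, and `didDoc` is left out of the response when no document is stored. `Scope`, `Claims`, `Account`, `AuthError::Expired`, the unknown-subject behaviour and the sample values are assumptions; signature verification is assumed to have happened already.

```rust
// Added example, not the project's code. Claims are modelled as they look
// AFTER signature verification (HS256 or ES256), which is out of scope here.
#[derive(Clone, Copy, PartialEq)]
enum Scope { Access, Refresh } // hypothetical stand-in for the PR's AuthScope

struct Claims { sub: &'static str, scope: Scope, exp: u64 }

struct Account {
    did: &'static str,
    handle: &'static str,
    email: &'static str,
    email_confirmed: bool,
    did_doc: Option<&'static str>, // raw JSON; None when no document is stored
}

#[derive(Debug, PartialEq)]
enum AuthError { InvalidToken, Expired } // `Expired` is an assumed name

// Scope is checked first: a refresh token is never usable here, expired or not.
fn authorize(c: &Claims, now: u64) -> Result<&'static str, AuthError> {
    if c.scope != Scope::Access { return Err(AuthError::InvalidToken); }
    if c.exp <= now { return Err(AuthError::Expired); }
    Ok(c.sub)
}

// Constructed values need no JSON escaping; real code would use a serializer.
fn session_json(a: &Account) -> String {
    let mut s = format!(
        "{{\"did\":\"{}\",\"handle\":\"{}\",\"email\":\"{}\",\"emailConfirmed\":{}",
        a.did, a.handle, a.email, a.email_confirmed);
    if let Some(doc) = a.did_doc { s.push_str(&format!(",\"didDoc\":{}", doc)); }
    s.push('}');
    s
}

fn get_session(c: &Claims, now: u64, accounts: &[Account]) -> Result<String, AuthError> {
    let did = authorize(c, now)?;
    // Unknown subject is treated like a bad token (assumption, not from the PR).
    accounts.iter().find(|a| a.did == did).map(session_json).ok_or(AuthError::InvalidToken)
}

fn main() {
    let accounts = [Account { did: "did:web:alice.example", handle: "alice.example",
        email: "alice@example.com", email_confirmed: true, did_doc: None }];
    for scope in [Scope::Access, Scope::Refresh] {
        let c = Claims { sub: "did:web:alice.example", scope, exp: 2_000 };
        println!("{:?}", get_session(&c, 1_000, &accounts));
    }
}
```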
AT URI
at://did:web:malpercio.dev/sh.tangled.repo.pull/3mhrb6z5yaq22
Diff #0

No differences found between the selected revisions.

History

1 round 0 comments
malpercio.dev submitted #0
patch application failed: error: No valid patches in input (allow with "--allow-empty")