Merge pull request 'Verify Twitter without an API key' (#25) from Supernova/fork-keyoxide:v2verifyTweet into dev

Reviewed-on: https://codeberg.org/keyoxide/web/pulls/25
This commit is contained in:
Yarmo Mackenbach 2020-08-20 15:26:53 +02:00
commit fb080a7de9
3 changed files with 8 additions and 1 deletions

View file

@ -64,6 +64,7 @@ router.get('/verify/proxy', [
router.get('/verify/twitter', [
query('tweetId').isInt().exists(),
query('account').exists(),
query('fingerprint').isHexadecimal().exists()
], async function(req, res) {
const errors = validationResult(req);
@ -73,6 +74,7 @@ router.get('/verify/twitter', [
let params = {
tweetId: req.query.tweetId,
account: req.query.account,
fingerprint: req.query.fingerprint
}

View file

@ -71,7 +71,11 @@ const Twitter = async (params) => {
let twitter_api_auth = process.env.TWITTER_API_AUTH;
if (!twitter_api_auth) {
res.errors.push("No Twitter API auth token provided");
let proofUrl = `https://mobile.twitter.com/${res.params.account}/status/${res.params.tweetId}`;
let re = new RegExp(`[Verifying my OpenPGP key: openpgp4fpr:${res.params.fingerprint}]`, "gi");
const get = bent('GET');
const obj = await get(proofUrl);
res.isVerified = re.test(obj.data);
return res;
}

View file

@ -484,6 +484,7 @@ async function verifyProof(url, fingerprint) {
output.url = `https://twitter.com/${match[1]}`;
output.proofUrlFetch = `/server/verify/twitter
?tweetId=${encodeURIComponent(match[2])}
&account=${encodeURIComponent(match[1])}
&fingerprint=${fingerprint}`;
try {
response = await fetch(output.proofUrlFetch);