diff --git a/routes/server.js b/routes/server.js index c360820..b6563de 100644 --- a/routes/server.js +++ b/routes/server.js @@ -64,6 +64,7 @@ router.get('/verify/proxy', [ router.get('/verify/twitter', [ query('tweetId').isInt().exists(), + query('account').exists(), query('fingerprint').isHexadecimal().exists() ], async function(req, res) { const errors = validationResult(req); @@ -73,6 +74,7 @@ router.get('/verify/twitter', [ let params = { tweetId: req.query.tweetId, + account: req.query.account, fingerprint: req.query.fingerprint } diff --git a/server/proofVerification.js b/server/proofVerification.js index df3cd3b..66fb4c9 100644 --- a/server/proofVerification.js +++ b/server/proofVerification.js @@ -71,7 +71,11 @@ const Twitter = async (params) => { let twitter_api_auth = process.env.TWITTER_API_AUTH; if (!twitter_api_auth) { - res.errors.push("No Twitter API auth token provided"); + let proofUrl = `https://mobile.twitter.com/${res.params.account}/status/${res.params.tweetId}`; + let re = new RegExp(`[Verifying my OpenPGP key: openpgp4fpr:${res.params.fingerprint}]`, "gi"); + const get = bent('GET'); + const obj = await get(proofUrl); + res.isVerified = re.test(obj.data); return res; } diff --git a/static/scripts.js b/static/scripts.js index 95f2a12..f32ee6e 100644 --- a/static/scripts.js +++ b/static/scripts.js @@ -484,6 +484,7 @@ async function verifyProof(url, fingerprint) { output.url = `https://twitter.com/${match[1]}`; output.proofUrlFetch = `/server/verify/twitter ?tweetId=${encodeURIComponent(match[2])} +&account=${encodeURIComponent(match[1])} &fingerprint=${fingerprint}`; try { response = await fetch(output.proofUrlFetch);