myriation/keyoxide-web
1
0
Fork 0
forked from Mirrors/keyoxide-web
Code Pull requests Activity

Merge pull request 'Use Libravatar instead' (#92) from ilpianista/keyoxide-web:feature/libravatar into main

Browse source 
Reviewed-on: https://codeberg.org/keyoxide/keyoxide-web/pulls/92
This commit is contained in:
Yarmo Mackenbach 2021-06-01 11:53:12 +02:00
commit 6cfcc37910
4 changed files with 10 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
content/faq.md
View file

@ -46,7 +46,7 @@ That, we can help you with! Just append the fingerprint of your keypair to the d
There are currently two methods of getting an avatar displayed on your profile page: There are currently two methods of getting an avatar displayed on your profile page:
1. automatically fetched from Gravatar using your primary email address; 1. automatically fetched from [Libravatar](https://www.libravatar.org/) using your primary email address;
2. extracted from the public key. 2. extracted from the public key.
While the first method is the simplest, the slightly-more-complicated second method provides an additional layer of privacy protection by not having to upload your profile picture to a 3rd party. While the first method is the simplest, the slightly-more-complicated second method provides an additional layer of privacy protection by not having to upload your profile picture to a 3rd party.

1
package.json
View file

@ -13,6 +13,7 @@
"express-validator": "^6.8.0", "express-validator": "^6.8.0",
"got": "^11.8.2", "got": "^11.8.2",
"jstransformer-markdown-it": "^2.1.0", "jstransformer-markdown-it": "^2.1.0",
"libravatar": "^3.0.0",
"markdown-it-anchor": "^5.3.0", "markdown-it-anchor": "^5.3.0",
"markdown-it-table-of-contents": "^0.4.4", "markdown-it-table-of-contents": "^0.4.4",
"markdown-it-title": "^3.0.0", "markdown-it-title": "^3.0.0",

8
server/index.js
View file

@ -28,8 +28,8 @@ if any, to sign a "copyright disclaimer" for the program, if necessary. For
more information on this, and how to apply and follow the GNU AGPL, see <https://www.gnu.org/licenses/>. more information on this, and how to apply and follow the GNU AGPL, see <https://www.gnu.org/licenses/>.
*/ */
const doip = require('doipjs') const doip = require('doipjs')
const openpgp = require('openpgp')
const keys = require('./keys') const keys = require('./keys')
const libravatar = require('libravatar')
const generateWKDProfile = async (id) => { const generateWKDProfile = async (id) => {
return keys.fetchWKD(id) return keys.fetchWKD(id)
@ -168,11 +168,9 @@ const computeExtraData = async (key, keyData) => {
// Get the primary user // Get the primary user
const primaryUser = await key.publicKey.getPrimaryUser() const primaryUser = await key.publicKey.getPrimaryUser()
// Compute hash needed for avatar services // Query libravatar to get the avatar url
const profileHash = openpgp.util.str_to_hex(openpgp.util.Uint8Array_to_str(await openpgp.crypto.hash.md5(openpgp.util.str_to_Uint8Array(primaryUser.user.userId.email))))
return { return {
avatarURL: `https://www.gravatar.com/avatar/${profileHash}?s=128&d=mm` avatarURL: await libravatar.get_avatar_url({ email: primaryUser.user.userId.email, size: 128, default: 'mm', https: true })
} }
} }

5
yarn.lock
View file

@ -2765,6 +2765,11 @@ levn@~0.3.0:
prelude-ls "~1.1.2" prelude-ls "~1.1.2"
type-check "~0.3.2" type-check "~0.3.2"
libravatar@^3.0.0:
version "3.0.0"
resolved "https://registry.yarnpkg.com/libravatar/-/libravatar-3.0.0.tgz#db82913fb7f07ff98f17f63a61832049220a0287"
integrity sha512-GAr2zj0toWHLMrVOkmn+TyudU9QX2kvHIxLZwmz7mT6Q6IrhVCAnN+3MFLAULf2w9XZe0NKOr5V5XRKgLRm5Eg==
license-check-and-add@^3.0.4: license-check-and-add@^3.0.4:
version "3.0.5" version "3.0.5"
resolved "https://registry.yarnpkg.com/license-check-and-add/-/license-check-and-add-3.0.5.tgz#ae627cdaa8ae1faf914eb000e3369d46c8708b37" resolved "https://registry.yarnpkg.com/license-check-and-add/-/license-check-and-add-3.0.5.tgz#ae627cdaa8ae1faf914eb000e3369d46c8708b37"