mirrors/barkey
1
0
Fork 0
mirror of https://codeberg.org/yeentown/barkey.git synced 2025-07-07 12:36:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

remerge: auto-approve and allow unsigned fetch for system users

Browse source
This commit is contained in:
Hazelnoot 2025-03-25 16:22:39 -04:00
parent 40975719ec
commit 76b1cf0526
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
packages/backend/src/core/SystemAccountService.ts
View file

@ -114,6 +114,12 @@ export class SystemAccountService {
isExplorable: false, isExplorable: false,
isBot: true, isBot: true,
name: extra.name, name: extra.name,
// System accounts are automatically approved.
approved: true,
// We always allow requests to system accounts to avoid federation infinite loop.
// When a remote instance needs to check our signature on a request we sent, it will need to fetch information about the user that signed it (which is our instance actor).
// If we try to check their signature on *that* request, we'll fetch *their* instance actor... leading to an infinite recursion
allowUnsignedFetch: 'always',
}).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0])); }).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0]));
await transactionalEntityManager.insert(MiUserKeypair, { await transactionalEntityManager.insert(MiUserKeypair, {