Disable signature verification on API read
Gitea Actions Demo / Explore-Gitea-Actions (push) Failing after 33s Details

This commit is contained in:
Ladd Hoffman 2024-03-20 20:10:43 -05:00
parent 1f691bf2b4
commit b229e2e6af
1 changed files with 14 additions and 13 deletions

View File

@ -1,12 +1,11 @@
import axios from 'axios';
// trailing slash is deliberate, to differentiate this package from the core node module
import { Buffer } from 'buffer/';
import { recoverPersonalSignature } from '@metamask/eth-sig-util';
// import createHash from 'create-hash';
// import { recoverPersonalSignature } from '@metamask/eth-sig-util';
import objectHash from 'object-hash';
// Make Buffer available to recoverPersonalSignature
window.Buffer = Buffer;
// window.Buffer = Buffer;
class Post {
constructor({
@ -26,16 +25,18 @@ class Post {
if (hash !== derivedHash) {
throw new Error('Hash mismatch');
}
// Verify signature
let recovered;
try {
recovered = recoverPersonalSignature({ data: content, signature });
} catch (e) {
throw new Error('Signature error', e);
}
if (recovered !== author) {
throw new Error('Author mismatch');
}
// TODO: Verify signature
// Disabling this because @metamask/eth-sig-util is a nodejs module
// and we need to figure out how to bundle it.
// let recovered;
// try {
// recovered = recoverPersonalSignature({ data: content, signature });
// } catch (e) {
// throw new Error('Signature error', e);
// }
// if (recovered !== author) {
// throw new Error('Author mismatch');
// }
return new Post({
content, author, signature, hash,
});