From d873506c71a33377f012b37fecd3c98a8bd09fa8 Mon Sep 17 00:00:00 2001
From: moanos <julian-samuel@gebuehr.net>
Date: Wed, 11 Dec 2024 15:26:01 +0100
Subject: [PATCH] fix: Minor adjustments

---
 content/post/cryptpad.md                      |  2 +-
 .../index.md                                  | 28 +++++++++++++------
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/content/post/cryptpad.md b/content/post/cryptpad.md
index f3d7e99..9e4ef55 100644
--- a/content/post/cryptpad.md
+++ b/content/post/cryptpad.md
@@ -1,6 +1,6 @@
 ---
 title: "Cryptpad"
-date: 2021-05-7T22:08:55+02:00
+date: 2021-05-07T22:08:55+02:00
 draft: true
 image: "uploads/ILMO_bordered.png"
 tags: [FOSS]
diff --git a/content/post/public-posts-with-authorized-fetch/index.md b/content/post/public-posts-with-authorized-fetch/index.md
index 180a8db..9fbc6b3 100644
--- a/content/post/public-posts-with-authorized-fetch/index.md
+++ b/content/post/public-posts-with-authorized-fetch/index.md
@@ -31,7 +31,16 @@ So instead, we need a proxy that stores the access token securely and restricts
 
 ## The proxy
 
-I wrote a short #FastAPI server for that. It only implements one method
+Such a proxie must
+
+* offer the endpoint that provides the same data as the FediverseAPI
+* authorize itself to the FediverseAPI via `access_token`
+* restrict to read access of consenting accounts
+
+The last point is really important, as we don't want to allow others to use this endpoint to scrape data unauthorized.
+
+I wrote a short FastAPI server that offers this. It only implements one method
+
 ```
 @app.get("/api/v1/accounts/{account_id}/statuses")
 async def fetch_data(account_id):
@@ -39,15 +48,16 @@ async def fetch_data(account_id):
         raise HTTPException(status_code=401, detail="You can only use this proxy to access configured accounts")
 
     headers = {"Authorization": f"Bearer {ACCESS_TOKEN}"}
-    try:
-        response = requests.get(f"{EXTERNAL_API_BASE_URL}/api/v1/accounts/{account_id}/statuses", headers=headers)
-        response.raise_for_status()
-        return response.json()
-    except requests.exceptions.RequestException as e:
-        raise HTTPException(status_code=502, detail=f"Error fetching data from API: {e}")
+    response = requests.get(f"{EXTERNAL_API_BASE_URL}/api/v1/accounts/{account_id}/statuses", headers=headers)
+    return response.json()
 ```
 
-Basically this is the whole API. I trimmed a few error checks and such. To deploy, I put it in a docker container and started it via docker-compose
+Basically this is the whole API code, I only trimmed a few checks and error handling.
+
+## Deployment
+
+To deploy, I put it in a docker container and started it via docker-compose. Reverse proxing is handled by Traefik, I won't go into detail here.
+
 ```
 services:
   fediproxy.example.org:
@@ -77,7 +87,7 @@ networks:
 
 ```
 
-and added a short `.env` to configure.
+I added a short `.env` to configure:
 
 ```
 ACCESS_TOKEN=VERYSECRETTOKENTHATISDEFINETLYREAL