moanos/hyteck-blog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: Minor adjustments
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse Source
This commit is contained in:
moanos [he/him] 2024-12-11 15:26:01 +01:00
parent 46c4def4c5
commit d873506c71
2 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/post/cryptpad.md
View File

@ -1,6 +1,6 @@
---
title: "Cryptpad"
date: 2021-05-7T22:08:55+02:00
date: 2021-05-07T22:08:55+02:00
draft: true
image: "uploads/ILMO_bordered.png"
tags: [FOSS]

28
content/post/public-posts-with-authorized-fetch/index.md
View File

@ -31,7 +31,16 @@ So instead, we need a proxy that stores the access token securely and restricts
## The proxy
I wrote a short #FastAPI server for that. It only implements one method
Such a proxie must
* offer the endpoint that provides the same data as the FediverseAPI
* authorize itself to the FediverseAPI via `access_token`
* restrict to read access of consenting accounts
The last point is really important, as we don't want to allow others to use this endpoint to scrape data unauthorized.
I wrote a short FastAPI server that offers this. It only implements one method
```
@app.get("/api/v1/accounts/{account_id}/statuses")
async def fetch_data(account_id):
@ -39,15 +48,16 @@ async def fetch_data(account_id):
raise HTTPException(status_code=401, detail="You can only use this proxy to access configured accounts")
headers = {"Authorization": f"Bearer {ACCESS_TOKEN}"}
try:
response = requests.get(f"{EXTERNAL_API_BASE_URL}/api/v1/accounts/{account_id}/statuses", headers=headers)
response.raise_for_status()
return response.json()
except requests.exceptions.RequestException as e:
raise HTTPException(status_code=502, detail=f"Error fetching data from API: {e}")
response = requests.get(f"{EXTERNAL_API_BASE_URL}/api/v1/accounts/{account_id}/statuses", headers=headers)
return response.json()
```
Basically this is the whole API. I trimmed a few error checks and such. To deploy, I put it in a docker container and started it via docker-compose
Basically this is the whole API code, I only trimmed a few checks and error handling.
## Deployment
To deploy, I put it in a docker container and started it via docker-compose. Reverse proxing is handled by Traefik, I won't go into detail here.
```
services:
fediproxy.example.org:
@ -77,7 +87,7 @@ networks:
```
and added a short `.env` to configure.
I added a short `.env` to configure:
```
ACCESS_TOKEN=VERYSECRETTOKENTHATISDEFINETLYREAL