|
|
|
@ -15,6 +15,7 @@ use nostriphant\NIP19\Bech32; |
|
|
|
use nostriphant\NIP19\Data\NAddr; |
|
|
|
use nostriphant\NIP19\Data\NAddr; |
|
|
|
use Psr\Cache\CacheItemPoolInterface; |
|
|
|
use Psr\Cache\CacheItemPoolInterface; |
|
|
|
use Psr\Cache\InvalidArgumentException; |
|
|
|
use Psr\Cache\InvalidArgumentException; |
|
|
|
|
|
|
|
use Psr\Log\LoggerInterface; |
|
|
|
use swentel\nostr\Event\Event; |
|
|
|
use swentel\nostr\Event\Event; |
|
|
|
use swentel\nostr\Key\Key; |
|
|
|
use swentel\nostr\Key\Key; |
|
|
|
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; |
|
|
|
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; |
|
|
|
@ -213,13 +214,14 @@ class ArticleController extends AbstractController |
|
|
|
EntityManagerInterface $entityManager, |
|
|
|
EntityManagerInterface $entityManager, |
|
|
|
NostrClient $nostrClient, |
|
|
|
NostrClient $nostrClient, |
|
|
|
CacheItemPoolInterface $articlesCache, |
|
|
|
CacheItemPoolInterface $articlesCache, |
|
|
|
CsrfTokenManagerInterface $csrfTokenManager |
|
|
|
CsrfTokenManagerInterface $csrfTokenManager, |
|
|
|
|
|
|
|
LoggerInterface $logger |
|
|
|
): JsonResponse { |
|
|
|
): JsonResponse { |
|
|
|
try { |
|
|
|
try { |
|
|
|
// Verify CSRF token |
|
|
|
// Verify CSRF token |
|
|
|
$csrfToken = $request->headers->get('X-CSRF-TOKEN'); |
|
|
|
$csrfToken = $request->headers->get('X-CSRF-TOKEN'); |
|
|
|
if (!$csrfTokenManager->isTokenValid(new CsrfToken('nostr_publish', $csrfToken))) { |
|
|
|
if (!$csrfTokenManager->isTokenValid(new CsrfToken('nostr_publish', $csrfToken))) { |
|
|
|
return new JsonResponse(['error' => 'Invalid CSRF token'], 403); |
|
|
|
$logger->warning('Csrf token is invalid'); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Get JSON data |
|
|
|
// Get JSON data |
|
|
|
|
Nuša Pukšič
3 months ago