diff --git a/blahd/src/lib.rs b/blahd/src/lib.rs
index ac8957e..906c890 100644
--- a/blahd/src/lib.rs
+++ b/blahd/src/lib.rs
@@ -5,7 +5,7 @@ use std::time::{Duration, SystemTime};
 use anyhow::Result;
 use axum::extract::ws;
 use axum::extract::{Path, Query, State, WebSocketUpgrade};
-use axum::http::{header, HeaderMap, StatusCode};
+use axum::http::{header, HeaderMap, HeaderName, StatusCode};
 use axum::response::{IntoResponse, Response};
 use axum::routing::{get, post};
 use axum::{Json, Router};
@@ -13,7 +13,7 @@ use axum_extra::extract::WithRejection as R;
 use blah_types::{
 ChatPayload, CreateGroup, CreatePeerChat, CreateRoomPayload, Id, MemberPermission, RoomAdminOp,
 RoomAdminPayload, RoomAttrs, RoomMetadata, ServerPermission, Signed, SignedChatMsg, Signee,
- UserKey, UserRegisterPayload, WithMsgId,
+ UserKey, UserRegisterPayload, WithMsgId, X_BLAH_DIFFICULTY, X_BLAH_NONCE,
 };
 use database::ConnectionExt;
 use ed25519_dalek::SIGNATURE_LENGTH;
@@ -147,7 +147,11 @@ pub fn router(st: Arc) -> Router {
 // correct CORS headers. Also `Authorization` must be explicitly included besides `*`.
 .layer(
 tower_http::cors::CorsLayer::permissive()
- .allow_headers([header::HeaderName::from_static("*"), header::AUTHORIZATION]),
+ .allow_headers([HeaderName::from_static("*"), header::AUTHORIZATION])
+ .expose_headers([
+ HeaderName::from_static(X_BLAH_NONCE),
+ HeaderName::from_static(X_BLAH_DIFFICULTY),
+ ]),
 )
 .with_state(st)
 }
diff --git a/blahd/src/register.rs b/blahd/src/register.rs
index 66476aa..b213443 100644
--- a/blahd/src/register.rs
+++ b/blahd/src/register.rs
@@ -107,6 +107,7 @@ impl State {
 } else {
 OsRng.next_u32()
 };
+ n.update_period = cur_period;
 n.nonce = OsRng.next_u32();
 [n.nonce, n.prev_nonce]
 }
@@ -353,7 +354,7 @@ fn validate_id_desc(
 }
 Ok(())
 })()
- .with_context(|| format!("in act_key {} {}", i, kdesc.act_key))?;
+ .map_err(|err| anyhow!("invalid act_key[{}] {}: {}", i, kdesc.act_key, err))?;
 }
 ensure!(profile_signed, "profile is not signed by valid act_keys");
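Review bot: `HeaderName::from_static` panics on a string that is not a valid lowercase header name, and the two new `expose_headers` entries build their names from `X_BLAH_NONCE` and `X_BLAH_DIFFICULTY`, whose values live in `blah_types` outside this diff. As written a bad constant would only surface when `router()` runs; evaluating the names in a const context, for example `const NONCE_HEADER: HeaderName = HeaderName::from_static(X_BLAH_NONCE);`, would move that failure to compile time, assuming the `blah_types` items are `const`. The comment above `.layer(` still only explains the `Authorization` entry, so it could also say why these two response headers are listed explicitly although the layer is already `permissive()`. The body of `router` starts outside the hunk.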
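Review bot: The added `n.update_period = cur_period;` has no comment and no test, although it looks like the line that keeps a registration nonce stable for the rest of its period. The condition that decides whether to rotate is outside the hunk, so this is inferred: if that condition compares `n.update_period` with `cur_period`, then without this store every call would rotate again and invalidate challenges that clients are still working on. A comment such as `// remember the period we rotated in, so later calls in the same period reuse this nonce` would record the intent. A test that two calls inside one period return the same `[nonce, prev_nonce]` pair would keep it from regressing.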
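Review bot: Formatting `err` with `{}` in the new `map_err` keeps only its outermost message if the closure returns an `anyhow::Error`, so any cause attached inside the closure is dropped from the text. Because `anyhow!` builds a fresh error, the original is no longer reachable as a source either. If the causes matter to whoever reads this message, `{:#}` prints the whole chain on one line: `.map_err(|err| anyhow!("invalid act_key[{}] {}: {:#}", i, kdesc.act_key, err))?;`. The closure body and the rest of `validate_id_desc` are outside the hunk, so the error type is inferred from the replaced `.with_context` call.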