@atproto/pds 0.4.29 → 0.4.31

Sign up to get free protection for your applications and to get access to all the features.
Files changed (206) hide show
  1. package/CHANGELOG.md +18 -0
  2. package/dist/account-manager/helpers/account.d.ts +13 -1
  3. package/dist/account-manager/helpers/account.d.ts.map +1 -1
  4. package/dist/account-manager/helpers/account.js +24 -7
  5. package/dist/account-manager/helpers/account.js.map +1 -1
  6. package/dist/account-manager/index.d.ts +4 -1
  7. package/dist/account-manager/index.d.ts.map +1 -1
  8. package/dist/account-manager/index.js +2 -2
  9. package/dist/account-manager/index.js.map +1 -1
  10. package/dist/api/app/bsky/actor/getPreferences.js +1 -1
  11. package/dist/api/app/bsky/actor/getPreferences.js.map +1 -1
  12. package/dist/api/app/bsky/actor/getProfile.js +1 -1
  13. package/dist/api/app/bsky/actor/getProfile.js.map +1 -1
  14. package/dist/api/app/bsky/actor/getProfiles.js +1 -1
  15. package/dist/api/app/bsky/actor/getProfiles.js.map +1 -1
  16. package/dist/api/app/bsky/actor/putPreferences.js +1 -1
  17. package/dist/api/app/bsky/actor/putPreferences.js.map +1 -1
  18. package/dist/api/app/bsky/feed/getActorLikes.js +1 -1
  19. package/dist/api/app/bsky/feed/getActorLikes.js.map +1 -1
  20. package/dist/api/app/bsky/feed/getAuthorFeed.js +1 -1
  21. package/dist/api/app/bsky/feed/getAuthorFeed.js.map +1 -1
  22. package/dist/api/app/bsky/feed/getFeed.js +1 -1
  23. package/dist/api/app/bsky/feed/getFeed.js.map +1 -1
  24. package/dist/api/app/bsky/feed/getPostThread.js +1 -1
  25. package/dist/api/app/bsky/feed/getPostThread.js.map +1 -1
  26. package/dist/api/app/bsky/feed/getTimeline.js +1 -1
  27. package/dist/api/app/bsky/feed/getTimeline.js.map +1 -1
  28. package/dist/api/app/bsky/notification/registerPush.d.ts.map +1 -1
  29. package/dist/api/app/bsky/notification/registerPush.js +4 -1
  30. package/dist/api/app/bsky/notification/registerPush.js.map +1 -1
  31. package/dist/api/chat/index.js +14 -14
  32. package/dist/api/chat/index.js.map +1 -1
  33. package/dist/api/com/atproto/admin/getAccountInfo.d.ts.map +1 -1
  34. package/dist/api/com/atproto/admin/getAccountInfo.js +1 -0
  35. package/dist/api/com/atproto/admin/getAccountInfo.js.map +1 -1
  36. package/dist/api/com/atproto/admin/getSubjectStatus.d.ts.map +1 -1
  37. package/dist/api/com/atproto/admin/getSubjectStatus.js +4 -3
  38. package/dist/api/com/atproto/admin/getSubjectStatus.js.map +1 -1
  39. package/dist/api/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  40. package/dist/api/com/atproto/admin/updateSubjectStatus.js +11 -1
  41. package/dist/api/com/atproto/admin/updateSubjectStatus.js.map +1 -1
  42. package/dist/api/com/atproto/identity/getRecommendedDidCredentials.js +1 -1
  43. package/dist/api/com/atproto/identity/getRecommendedDidCredentials.js.map +1 -1
  44. package/dist/api/com/atproto/identity/requestPlcOperationSignature.js +1 -1
  45. package/dist/api/com/atproto/identity/requestPlcOperationSignature.js.map +1 -1
  46. package/dist/api/com/atproto/identity/signPlcOperation.js +1 -1
  47. package/dist/api/com/atproto/identity/signPlcOperation.js.map +1 -1
  48. package/dist/api/com/atproto/identity/submitPlcOperation.js +1 -1
  49. package/dist/api/com/atproto/identity/submitPlcOperation.js.map +1 -1
  50. package/dist/api/com/atproto/identity/updateHandle.js +1 -1
  51. package/dist/api/com/atproto/identity/updateHandle.js.map +1 -1
  52. package/dist/api/com/atproto/repo/applyWrites.d.ts.map +1 -1
  53. package/dist/api/com/atproto/repo/applyWrites.js +4 -1
  54. package/dist/api/com/atproto/repo/applyWrites.js.map +1 -1
  55. package/dist/api/com/atproto/repo/createRecord.d.ts.map +1 -1
  56. package/dist/api/com/atproto/repo/createRecord.js +4 -1
  57. package/dist/api/com/atproto/repo/createRecord.js.map +1 -1
  58. package/dist/api/com/atproto/repo/deleteRecord.d.ts.map +1 -1
  59. package/dist/api/com/atproto/repo/deleteRecord.js +4 -1
  60. package/dist/api/com/atproto/repo/deleteRecord.js.map +1 -1
  61. package/dist/api/com/atproto/repo/importRepo.d.ts.map +1 -1
  62. package/dist/api/com/atproto/repo/importRepo.js +3 -1
  63. package/dist/api/com/atproto/repo/importRepo.js.map +1 -1
  64. package/dist/api/com/atproto/repo/listMissingBlobs.js +1 -1
  65. package/dist/api/com/atproto/repo/listMissingBlobs.js.map +1 -1
  66. package/dist/api/com/atproto/repo/putRecord.d.ts.map +1 -1
  67. package/dist/api/com/atproto/repo/putRecord.js +4 -1
  68. package/dist/api/com/atproto/repo/putRecord.js.map +1 -1
  69. package/dist/api/com/atproto/repo/uploadBlob.d.ts.map +1 -1
  70. package/dist/api/com/atproto/repo/uploadBlob.js +3 -1
  71. package/dist/api/com/atproto/repo/uploadBlob.js.map +1 -1
  72. package/dist/api/com/atproto/server/activateAccount.js +1 -1
  73. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  74. package/dist/api/com/atproto/server/checkAccountStatus.js +1 -1
  75. package/dist/api/com/atproto/server/checkAccountStatus.js.map +1 -1
  76. package/dist/api/com/atproto/server/confirmEmail.js +1 -1
  77. package/dist/api/com/atproto/server/confirmEmail.js.map +1 -1
  78. package/dist/api/com/atproto/server/createAppPassword.d.ts.map +1 -1
  79. package/dist/api/com/atproto/server/createAppPassword.js +3 -1
  80. package/dist/api/com/atproto/server/createAppPassword.js.map +1 -1
  81. package/dist/api/com/atproto/server/createSession.d.ts.map +1 -1
  82. package/dist/api/com/atproto/server/createSession.js +2 -0
  83. package/dist/api/com/atproto/server/createSession.js.map +1 -1
  84. package/dist/api/com/atproto/server/deactivateAccount.js +1 -1
  85. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  86. package/dist/api/com/atproto/server/getAccountInviteCodes.js +1 -1
  87. package/dist/api/com/atproto/server/getAccountInviteCodes.js.map +1 -1
  88. package/dist/api/com/atproto/server/getServiceAuth.js +1 -1
  89. package/dist/api/com/atproto/server/getServiceAuth.js.map +1 -1
  90. package/dist/api/com/atproto/server/getSession.d.ts.map +1 -1
  91. package/dist/api/com/atproto/server/getSession.js +7 -2
  92. package/dist/api/com/atproto/server/getSession.js.map +1 -1
  93. package/dist/api/com/atproto/server/listAppPasswords.js +1 -1
  94. package/dist/api/com/atproto/server/listAppPasswords.js.map +1 -1
  95. package/dist/api/com/atproto/server/refreshSession.d.ts.map +1 -1
  96. package/dist/api/com/atproto/server/refreshSession.js +2 -0
  97. package/dist/api/com/atproto/server/refreshSession.js.map +1 -1
  98. package/dist/api/com/atproto/server/requestAccountDelete.js +1 -1
  99. package/dist/api/com/atproto/server/requestAccountDelete.js.map +1 -1
  100. package/dist/api/com/atproto/server/requestEmailConfirmation.js +1 -1
  101. package/dist/api/com/atproto/server/requestEmailConfirmation.js.map +1 -1
  102. package/dist/api/com/atproto/server/requestEmailUpdate.js +1 -1
  103. package/dist/api/com/atproto/server/requestEmailUpdate.js.map +1 -1
  104. package/dist/api/com/atproto/server/revokeAppPassword.js +1 -1
  105. package/dist/api/com/atproto/server/revokeAppPassword.js.map +1 -1
  106. package/dist/api/com/atproto/server/updateEmail.js +1 -1
  107. package/dist/api/com/atproto/server/updateEmail.js.map +1 -1
  108. package/dist/api/com/atproto/sync/getRepoStatus.js +1 -1
  109. package/dist/api/com/atproto/sync/getRepoStatus.js.map +1 -1
  110. package/dist/api/com/atproto/sync/listRepos.js +2 -2
  111. package/dist/api/com/atproto/sync/listRepos.js.map +1 -1
  112. package/dist/api/com/atproto/sync/util.d.ts +1 -8
  113. package/dist/api/com/atproto/sync/util.d.ts.map +1 -1
  114. package/dist/api/com/atproto/sync/util.js +1 -17
  115. package/dist/api/com/atproto/sync/util.js.map +1 -1
  116. package/dist/api/com/atproto/temp/checkSignupQueue.d.ts.map +1 -1
  117. package/dist/api/com/atproto/temp/checkSignupQueue.js +4 -1
  118. package/dist/api/com/atproto/temp/checkSignupQueue.js.map +1 -1
  119. package/dist/auth-verifier.d.ts +13 -7
  120. package/dist/auth-verifier.d.ts.map +1 -1
  121. package/dist/auth-verifier.js +29 -46
  122. package/dist/auth-verifier.js.map +1 -1
  123. package/dist/lexicon/lexicons.d.ts +44 -0
  124. package/dist/lexicon/lexicons.d.ts.map +1 -1
  125. package/dist/lexicon/lexicons.js +44 -0
  126. package/dist/lexicon/lexicons.js.map +1 -1
  127. package/dist/lexicon/types/com/atproto/admin/defs.d.ts +1 -0
  128. package/dist/lexicon/types/com/atproto/admin/defs.d.ts.map +1 -1
  129. package/dist/lexicon/types/com/atproto/admin/defs.js.map +1 -1
  130. package/dist/lexicon/types/com/atproto/admin/getSubjectStatus.d.ts +1 -0
  131. package/dist/lexicon/types/com/atproto/admin/getSubjectStatus.d.ts.map +1 -1
  132. package/dist/lexicon/types/com/atproto/admin/updateSubjectStatus.d.ts +1 -0
  133. package/dist/lexicon/types/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  134. package/dist/lexicon/types/com/atproto/server/createSession.d.ts +3 -0
  135. package/dist/lexicon/types/com/atproto/server/createSession.d.ts.map +1 -1
  136. package/dist/lexicon/types/com/atproto/server/getSession.d.ts +3 -0
  137. package/dist/lexicon/types/com/atproto/server/getSession.d.ts.map +1 -1
  138. package/dist/lexicon/types/com/atproto/server/refreshSession.d.ts +3 -0
  139. package/dist/lexicon/types/com/atproto/server/refreshSession.d.ts.map +1 -1
  140. package/dist/lexicon/types/tools/ozone/moderation/defs.d.ts +2 -0
  141. package/dist/lexicon/types/tools/ozone/moderation/defs.d.ts.map +1 -1
  142. package/dist/lexicon/types/tools/ozone/moderation/defs.js.map +1 -1
  143. package/dist/pipethrough.d.ts.map +1 -1
  144. package/dist/pipethrough.js +17 -14
  145. package/dist/pipethrough.js.map +1 -1
  146. package/package.json +4 -4
  147. package/src/account-manager/helpers/account.ts +30 -6
  148. package/src/account-manager/index.ts +2 -2
  149. package/src/api/app/bsky/actor/getPreferences.ts +1 -1
  150. package/src/api/app/bsky/actor/getProfile.ts +1 -1
  151. package/src/api/app/bsky/actor/getProfiles.ts +1 -1
  152. package/src/api/app/bsky/actor/putPreferences.ts +1 -1
  153. package/src/api/app/bsky/feed/getActorLikes.ts +1 -1
  154. package/src/api/app/bsky/feed/getAuthorFeed.ts +1 -1
  155. package/src/api/app/bsky/feed/getFeed.ts +1 -1
  156. package/src/api/app/bsky/feed/getPostThread.ts +1 -1
  157. package/src/api/app/bsky/feed/getTimeline.ts +1 -1
  158. package/src/api/app/bsky/notification/registerPush.ts +4 -1
  159. package/src/api/chat/index.ts +14 -14
  160. package/src/api/com/atproto/admin/getAccountInfo.ts +1 -0
  161. package/src/api/com/atproto/admin/getSubjectStatus.ts +4 -3
  162. package/src/api/com/atproto/admin/updateSubjectStatus.ts +11 -1
  163. package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts +1 -1
  164. package/src/api/com/atproto/identity/requestPlcOperationSignature.ts +1 -1
  165. package/src/api/com/atproto/identity/signPlcOperation.ts +1 -1
  166. package/src/api/com/atproto/identity/submitPlcOperation.ts +1 -1
  167. package/src/api/com/atproto/identity/updateHandle.ts +1 -1
  168. package/src/api/com/atproto/repo/applyWrites.ts +4 -1
  169. package/src/api/com/atproto/repo/createRecord.ts +4 -1
  170. package/src/api/com/atproto/repo/deleteRecord.ts +4 -1
  171. package/src/api/com/atproto/repo/importRepo.ts +3 -1
  172. package/src/api/com/atproto/repo/listMissingBlobs.ts +1 -1
  173. package/src/api/com/atproto/repo/putRecord.ts +4 -1
  174. package/src/api/com/atproto/repo/uploadBlob.ts +3 -1
  175. package/src/api/com/atproto/server/activateAccount.ts +1 -1
  176. package/src/api/com/atproto/server/checkAccountStatus.ts +1 -1
  177. package/src/api/com/atproto/server/confirmEmail.ts +1 -1
  178. package/src/api/com/atproto/server/createAppPassword.ts +3 -1
  179. package/src/api/com/atproto/server/createSession.ts +2 -0
  180. package/src/api/com/atproto/server/deactivateAccount.ts +1 -1
  181. package/src/api/com/atproto/server/getAccountInviteCodes.ts +1 -1
  182. package/src/api/com/atproto/server/getServiceAuth.ts +1 -1
  183. package/src/api/com/atproto/server/getSession.ts +7 -2
  184. package/src/api/com/atproto/server/listAppPasswords.ts +1 -1
  185. package/src/api/com/atproto/server/refreshSession.ts +2 -0
  186. package/src/api/com/atproto/server/requestAccountDelete.ts +1 -1
  187. package/src/api/com/atproto/server/requestEmailConfirmation.ts +1 -1
  188. package/src/api/com/atproto/server/requestEmailUpdate.ts +1 -1
  189. package/src/api/com/atproto/server/revokeAppPassword.ts +1 -1
  190. package/src/api/com/atproto/server/updateEmail.ts +1 -1
  191. package/src/api/com/atproto/sync/getRepoStatus.ts +2 -2
  192. package/src/api/com/atproto/sync/listRepos.ts +1 -1
  193. package/src/api/com/atproto/sync/util.ts +1 -24
  194. package/src/api/com/atproto/temp/checkSignupQueue.ts +4 -1
  195. package/src/auth-verifier.ts +62 -47
  196. package/src/lexicon/lexicons.ts +47 -0
  197. package/src/lexicon/types/com/atproto/admin/defs.ts +1 -0
  198. package/src/lexicon/types/com/atproto/admin/getSubjectStatus.ts +1 -0
  199. package/src/lexicon/types/com/atproto/admin/updateSubjectStatus.ts +1 -0
  200. package/src/lexicon/types/com/atproto/server/createSession.ts +3 -0
  201. package/src/lexicon/types/com/atproto/server/getSession.ts +3 -0
  202. package/src/lexicon/types/com/atproto/server/refreshSession.ts +3 -0
  203. package/src/lexicon/types/tools/ozone/moderation/defs.ts +2 -0
  204. package/src/pipethrough.ts +5 -4
  205. package/tests/account-deactivation.test.ts +31 -2
  206. package/tests/auth.test.ts +3 -0
package/src/api/chat/index.ts CHANGED
@@ -4,85 +4,85 @@ import { pipethrough, pipethroughProcedure } from '../../pipethrough'
4
4
 
5
5
  export default function (server: Server, ctx: AppContext) {
6
6
  server.chat.bsky.actor.deleteAccount({
7
- auth: ctx.authVerifier.accessAppPassPrivileged,
7
+ auth: ctx.authVerifier.accessPrivileged(),
8
8
  handler: async ({ req, auth }) => {
9
9
  return pipethroughProcedure(ctx, req, auth.credentials.did)
10
10
  },
11
11
  })
12
12
  server.chat.bsky.actor.exportAccountData({
13
- auth: ctx.authVerifier.accessAppPassPrivileged,
13
+ auth: ctx.authVerifier.accessPrivileged(),
14
14
  handler: ({ req, auth }) => {
15
15
  return pipethrough(ctx, req, auth.credentials.did)
16
16
  },
17
17
  })
18
18
  server.chat.bsky.convo.deleteMessageForSelf({
19
- auth: ctx.authVerifier.accessAppPassPrivileged,
19
+ auth: ctx.authVerifier.accessPrivileged(),
20
20
  handler: ({ req, auth, input }) => {
21
21
  return pipethroughProcedure(ctx, req, auth.credentials.did, input.body)
22
22
  },
23
23
  })
24
24
  server.chat.bsky.convo.getConvo({
25
- auth: ctx.authVerifier.accessAppPassPrivileged,
25
+ auth: ctx.authVerifier.accessPrivileged(),
26
26
  handler: ({ req, auth }) => {
27
27
  return pipethrough(ctx, req, auth.credentials.did)
28
28
  },
29
29
  })
30
30
  server.chat.bsky.convo.getConvoForMembers({
31
- auth: ctx.authVerifier.accessAppPassPrivileged,
31
+ auth: ctx.authVerifier.accessPrivileged(),
32
32
  handler: ({ req, auth }) => {
33
33
  return pipethrough(ctx, req, auth.credentials.did)
34
34
  },
35
35
  })
36
36
  server.chat.bsky.convo.getLog({
37
- auth: ctx.authVerifier.accessAppPassPrivileged,
37
+ auth: ctx.authVerifier.accessPrivileged(),
38
38
  handler: ({ req, auth }) => {
39
39
  return pipethrough(ctx, req, auth.credentials.did)
40
40
  },
41
41
  })
42
42
  server.chat.bsky.convo.getMessages({
43
- auth: ctx.authVerifier.accessAppPassPrivileged,
43
+ auth: ctx.authVerifier.accessPrivileged(),
44
44
  handler: ({ req, auth }) => {
45
45
  return pipethrough(ctx, req, auth.credentials.did)
46
46
  },
47
47
  })
48
48
  server.chat.bsky.convo.leaveConvo({
49
- auth: ctx.authVerifier.accessAppPassPrivileged,
49
+ auth: ctx.authVerifier.accessPrivileged(),
50
50
  handler: ({ req, auth, input }) => {
51
51
  return pipethroughProcedure(ctx, req, auth.credentials.did, input.body)
52
52
  },
53
53
  })
54
54
  server.chat.bsky.convo.listConvos({
55
- auth: ctx.authVerifier.accessAppPassPrivileged,
55
+ auth: ctx.authVerifier.accessPrivileged(),
56
56
  handler: ({ req, auth }) => {
57
57
  return pipethrough(ctx, req, auth.credentials.did)
58
58
  },
59
59
  })
60
60
  server.chat.bsky.convo.muteConvo({
61
- auth: ctx.authVerifier.accessAppPassPrivileged,
61
+ auth: ctx.authVerifier.accessPrivileged(),
62
62
  handler: ({ req, auth, input }) => {
63
63
  return pipethroughProcedure(ctx, req, auth.credentials.did, input.body)
64
64
  },
65
65
  })
66
66
  server.chat.bsky.convo.sendMessage({
67
- auth: ctx.authVerifier.accessAppPassPrivileged,
67
+ auth: ctx.authVerifier.accessPrivileged(),
68
68
  handler: ({ req, auth, input }) => {
69
69
  return pipethroughProcedure(ctx, req, auth.credentials.did, input.body)
70
70
  },
71
71
  })
72
72
  server.chat.bsky.convo.sendMessageBatch({
73
- auth: ctx.authVerifier.accessAppPassPrivileged,
73
+ auth: ctx.authVerifier.accessPrivileged(),
74
74
  handler: ({ req, auth, input }) => {
75
75
  return pipethroughProcedure(ctx, req, auth.credentials.did, input.body)
76
76
  },
77
77
  })
78
78
  server.chat.bsky.convo.unmuteConvo({
79
- auth: ctx.authVerifier.accessAppPassPrivileged,
79
+ auth: ctx.authVerifier.accessPrivileged(),
80
80
  handler: ({ req, auth, input }) => {
81
81
  return pipethroughProcedure(ctx, req, auth.credentials.did, input.body)
82
82
  },
83
83
  })
84
84
  server.chat.bsky.convo.updateRead({
85
- auth: ctx.authVerifier.accessAppPassPrivileged,
85
+ auth: ctx.authVerifier.accessPrivileged(),
86
86
  handler: ({ req, auth, input }) => {
87
87
  return pipethroughProcedure(ctx, req, auth.credentials.did, input.body)
88
88
  },
package/src/api/com/atproto/admin/getAccountInfo.ts CHANGED
@@ -32,6 +32,7 @@ export default function (server: Server, ctx: AppContext) {
32
32
  invitesDisabled: managesOwnInvites
33
33
  ? account.invitesDisabled === 1
34
34
  : undefined,
35
+ deactivatedAt: account.deactivatedAt ?? undefined,
35
36
  },
36
37
  }
37
38
  },
package/src/api/com/atproto/admin/getSubjectStatus.ts CHANGED
@@ -51,14 +51,15 @@ export default function (server: Server, ctx: AppContext) {
51
51
  }
52
52
  }
53
53
  } else if (did) {
54
- const takedown = await ctx.accountManager.getAccountTakedownStatus(did)
55
- if (takedown) {
54
+ const status = await ctx.accountManager.getAccountAdminStatus(did)
55
+ if (status) {
56
56
  body = {
57
57
  subject: {
58
58
  $type: 'com.atproto.admin.defs#repoRef',
59
59
  did: did,
60
60
  },
61
- takedown,
61
+ takedown: status.takedown,
62
+ deactivated: status.deactivated,
62
63
  }
63
64
  }
64
65
  } else {
package/src/api/com/atproto/admin/updateSubjectStatus.ts CHANGED
@@ -13,7 +13,7 @@ export default function (server: Server, ctx: AppContext) {
13
13
  server.com.atproto.admin.updateSubjectStatus({
14
14
  auth: ctx.authVerifier.moderator,
15
15
  handler: async ({ input }) => {
16
- const { subject, takedown } = input.body
16
+ const { subject, takedown, deactivated } = input.body
17
17
  if (takedown) {
18
18
  if (isRepoRef(subject)) {
19
19
  await ctx.accountManager.takedownAccount(subject.did, takedown)
@@ -36,6 +36,16 @@ export default function (server: Server, ctx: AppContext) {
36
36
  }
37
37
  }
38
38
 
39
+ if (deactivated) {
40
+ if (isRepoRef(subject)) {
41
+ if (deactivated.applied) {
42
+ await ctx.accountManager.deactivateAccount(subject.did, null)
43
+ } else {
44
+ await ctx.accountManager.activateAccount(subject.did)
45
+ }
46
+ }
47
+ }
48
+
39
49
  return {
40
50
  encoding: 'application/json',
41
51
  body: {
package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts CHANGED
@@ -3,7 +3,7 @@ import AppContext from '../../../../context'
3
3
 
4
4
  export default function (server: Server, ctx: AppContext) {
5
5
  server.com.atproto.identity.getRecommendedDidCredentials({
6
- auth: ctx.authVerifier.access,
6
+ auth: ctx.authVerifier.accessStandard(),
7
7
  handler: async ({ auth }) => {
8
8
  const requester = auth.credentials.did
9
9
  const signingKey = await ctx.actorStore.keypair(requester)
package/src/api/com/atproto/identity/requestPlcOperationSignature.ts CHANGED
@@ -5,7 +5,7 @@ import { authPassthru } from '../../../proxy'
5
5
 
6
6
  export default function (server: Server, ctx: AppContext) {
7
7
  server.com.atproto.identity.requestPlcOperationSignature({
8
- auth: ctx.authVerifier.accessFull,
8
+ auth: ctx.authVerifier.accessFull(),
9
9
  handler: async ({ auth, req }) => {
10
10
  if (ctx.entrywayAgent) {
11
11
  await ctx.entrywayAgent.com.atproto.identity.requestPlcOperationSignature(
package/src/api/com/atproto/identity/signPlcOperation.ts CHANGED
@@ -7,7 +7,7 @@ import { authPassthru, resultPassthru } from '../../../proxy'
7
7
 
8
8
  export default function (server: Server, ctx: AppContext) {
9
9
  server.com.atproto.identity.signPlcOperation({
10
- auth: ctx.authVerifier.accessFull,
10
+ auth: ctx.authVerifier.accessFull(),
11
11
  handler: async ({ auth, input, req }) => {
12
12
  if (ctx.entrywayAgent) {
13
13
  return resultPassthru(
package/src/api/com/atproto/identity/submitPlcOperation.ts CHANGED
@@ -7,7 +7,7 @@ import { httpLogger as log } from '../../../../logger'
7
7
 
8
8
  export default function (server: Server, ctx: AppContext) {
9
9
  server.com.atproto.identity.submitPlcOperation({
10
- auth: ctx.authVerifier.access,
10
+ auth: ctx.authVerifier.accessStandard(),
11
11
  handler: async ({ auth, input }) => {
12
12
  const requester = auth.credentials.did
13
13
  const op = input.body.operation
package/src/api/com/atproto/identity/updateHandle.ts CHANGED
@@ -8,7 +8,7 @@ import { authPassthru } from '../../../proxy'
8
8
 
9
9
  export default function (server: Server, ctx: AppContext) {
10
10
  server.com.atproto.identity.updateHandle({
11
- auth: ctx.authVerifier.accessCheckTakedown,
11
+ auth: ctx.authVerifier.accessStandard({ checkTakedown: true }),
12
12
  rateLimit: [
13
13
  {
14
14
  durationMs: 5 * MINUTE,
package/src/api/com/atproto/repo/applyWrites.ts CHANGED
@@ -31,7 +31,10 @@ const ratelimitPoints = ({ input }: { input: HandlerInput }) => {
31
31
 
32
32
  export default function (server: Server, ctx: AppContext) {
33
33
  server.com.atproto.repo.applyWrites({
34
- auth: ctx.authVerifier.accessCheckTakedown,
34
+ auth: ctx.authVerifier.accessStandard({
35
+ checkTakedown: true,
36
+ checkDeactivated: true,
37
+ }),
35
38
  rateLimit: [
36
39
  {
37
40
  name: 'repo-write-hour',
package/src/api/com/atproto/repo/createRecord.ts CHANGED
@@ -12,7 +12,10 @@ import AppContext from '../../../../context'
12
12
 
13
13
  export default function (server: Server, ctx: AppContext) {
14
14
  server.com.atproto.repo.createRecord({
15
- auth: ctx.authVerifier.accessCheckTakedown,
15
+ auth: ctx.authVerifier.accessStandard({
16
+ checkTakedown: true,
17
+ checkDeactivated: true,
18
+ }),
16
19
  rateLimit: [
17
20
  {
18
21
  name: 'repo-write-hour',
package/src/api/com/atproto/repo/deleteRecord.ts CHANGED
@@ -7,7 +7,10 @@ import { CID } from 'multiformats/cid'
7
7
 
8
8
  export default function (server: Server, ctx: AppContext) {
9
9
  server.com.atproto.repo.deleteRecord({
10
- auth: ctx.authVerifier.accessCheckTakedown,
10
+ auth: ctx.authVerifier.accessStandard({
11
+ checkTakedown: true,
12
+ checkDeactivated: true,
13
+ }),
11
14
  rateLimit: [
12
15
  {
13
16
  name: 'repo-write-hour',
package/src/api/com/atproto/repo/importRepo.ts CHANGED
@@ -17,7 +17,9 @@ import { BlobRef, LexValue, RepoRecord } from '@atproto/lexicon'
17
17
 
18
18
  export default function (server: Server, ctx: AppContext) {
19
19
  server.com.atproto.repo.importRepo({
20
- auth: ctx.authVerifier.accessFull,
20
+ auth: ctx.authVerifier.accessFull({
21
+ checkTakedown: true,
22
+ }),
21
23
  handler: async ({ input, auth }) => {
22
24
  const did = auth.credentials.did
23
25
  if (!ctx.cfg.service.acceptingImports) {
package/src/api/com/atproto/repo/listMissingBlobs.ts CHANGED
@@ -3,7 +3,7 @@ import AppContext from '../../../../context'
3
3
 
4
4
  export default function (server: Server, ctx: AppContext) {
5
5
  server.com.atproto.repo.listMissingBlobs({
6
- auth: ctx.authVerifier.access,
6
+ auth: ctx.authVerifier.accessStandard(),
7
7
  handler: async ({ auth, params }) => {
8
8
  const did = auth.credentials.did
9
9
  const { limit, cursor } = params
package/src/api/com/atproto/repo/putRecord.ts CHANGED
@@ -19,7 +19,10 @@ import { ActorStoreTransactor } from '../../../../actor-store'
19
19
 
20
20
  export default function (server: Server, ctx: AppContext) {
21
21
  server.com.atproto.repo.putRecord({
22
- auth: ctx.authVerifier.accessCheckTakedown,
22
+ auth: ctx.authVerifier.accessStandard({
23
+ checkTakedown: true,
24
+ checkDeactivated: true,
25
+ }),
23
26
  rateLimit: [
24
27
  {
25
28
  name: 'repo-write-hour',
package/src/api/com/atproto/repo/uploadBlob.ts CHANGED
@@ -6,7 +6,9 @@ import { BlobMetadata } from '../../../../actor-store/blob/transactor'
6
6
 
7
7
  export default function (server: Server, ctx: AppContext) {
8
8
  server.com.atproto.repo.uploadBlob({
9
- auth: ctx.authVerifier.accessCheckTakedown,
9
+ auth: ctx.authVerifier.accessStandard({
10
+ checkTakedown: true,
11
+ }),
10
12
  rateLimit: {
11
13
  durationMs: DAY,
12
14
  points: 1000,
package/src/api/com/atproto/server/activateAccount.ts CHANGED
@@ -7,7 +7,7 @@ import { assertValidDidDocumentForService } from './util'
7
7
 
8
8
  export default function (server: Server, ctx: AppContext) {
9
9
  server.com.atproto.server.activateAccount({
10
- auth: ctx.authVerifier.accessFull,
10
+ auth: ctx.authVerifier.accessFull(),
11
11
  handler: async ({ auth }) => {
12
12
  const requester = auth.credentials.did
13
13
 
package/src/api/com/atproto/server/checkAccountStatus.ts CHANGED
@@ -4,7 +4,7 @@ import { isValidDidDocForService } from './util'
4
4
 
5
5
  export default function (server: Server, ctx: AppContext) {
6
6
  server.com.atproto.server.checkAccountStatus({
7
- auth: ctx.authVerifier.access,
7
+ auth: ctx.authVerifier.accessStandard(),
8
8
  handler: async ({ auth }) => {
9
9
  const requester = auth.credentials.did
10
10
  const [
package/src/api/com/atproto/server/confirmEmail.ts CHANGED
@@ -5,7 +5,7 @@ import { authPassthru } from '../../../proxy'
5
5
 
6
6
  export default function (server: Server, ctx: AppContext) {
7
7
  server.com.atproto.server.confirmEmail({
8
- auth: ctx.authVerifier.accessCheckTakedown,
8
+ auth: ctx.authVerifier.accessStandard({ checkTakedown: true }),
9
9
  handler: async ({ auth, input, req }) => {
10
10
  const did = auth.credentials.did
11
11
 
package/src/api/com/atproto/server/createAppPassword.ts CHANGED
@@ -4,7 +4,9 @@ import { authPassthru, resultPassthru } from '../../../proxy'
4
4
 
5
5
  export default function (server: Server, ctx: AppContext) {
6
6
  server.com.atproto.server.createAppPassword({
7
- auth: ctx.authVerifier.accessFull,
7
+ auth: ctx.authVerifier.accessFull({
8
+ checkTakedown: true,
9
+ }),
8
10
  handler: async ({ auth, input, req }) => {
9
11
  if (ctx.entrywayAgent) {
10
12
  return resultPassthru(
package/src/api/com/atproto/server/createSession.ts CHANGED
@@ -86,6 +86,8 @@ export default function (server: Server, ctx: AppContext) {
86
86
  emailConfirmed: !!user.emailConfirmedAt,
87
87
  accessJwt,
88
88
  refreshJwt,
89
+ active: user.active,
90
+ status: user.status,
89
91
  },
90
92
  }
91
93
  },
package/src/api/com/atproto/server/deactivateAccount.ts CHANGED
@@ -3,7 +3,7 @@ import AppContext from '../../../../context'
3
3
 
4
4
  export default function (server: Server, ctx: AppContext) {
5
5
  server.com.atproto.server.deactivateAccount({
6
- auth: ctx.authVerifier.accessFull,
6
+ auth: ctx.authVerifier.accessFull(),
7
7
  handler: async ({ auth, input }) => {
8
8
  const requester = auth.credentials.did
9
9
  await ctx.accountManager.deactivateAccount(
package/src/api/com/atproto/server/getAccountInviteCodes.ts CHANGED
@@ -7,7 +7,7 @@ import { authPassthru, resultPassthru } from '../../../proxy'
7
7
 
8
8
  export default function (server: Server, ctx: AppContext) {
9
9
  server.com.atproto.server.getAccountInviteCodes({
10
- auth: ctx.authVerifier.accessFull,
10
+ auth: ctx.authVerifier.accessFull({ checkTakedown: true }),
11
11
  handler: async ({ params, auth, req }) => {
12
12
  if (ctx.entrywayAgent) {
13
13
  return resultPassthru(
package/src/api/com/atproto/server/getServiceAuth.ts CHANGED
@@ -4,7 +4,7 @@ import { Server } from '../../../../lexicon'
4
4
 
5
5
  export default function (server: Server, ctx: AppContext) {
6
6
  server.com.atproto.server.getServiceAuth({
7
- auth: ctx.authVerifier.accessAppPassPrivileged,
7
+ auth: ctx.authVerifier.accessPrivileged(),
8
8
  handler: async ({ params, auth }) => {
9
9
  const did = auth.credentials.did
10
10
  const keypair = await ctx.actorStore.keypair(did)
package/src/api/com/atproto/server/getSession.ts CHANGED
@@ -4,10 +4,13 @@ import AppContext from '../../../../context'
4
4
  import { Server } from '../../../../lexicon'
5
5
  import { authPassthru, resultPassthru } from '../../../proxy'
6
6
  import { didDocForSession } from './util'
7
+ import { AuthScope } from '../../../../auth-verifier'
7
8
 
8
9
  export default function (server: Server, ctx: AppContext) {
9
10
  server.com.atproto.server.getSession({
10
- auth: ctx.authVerifier.accessDeactived,
11
+ auth: ctx.authVerifier.accessStandard({
12
+ additional: [AuthScope.SignupQueued],
13
+ }),
11
14
  handler: async ({ auth, req }) => {
12
15
  if (ctx.entrywayAgent) {
13
16
  return resultPassthru(
@@ -20,7 +23,7 @@ export default function (server: Server, ctx: AppContext) {
20
23
 
21
24
  const did = auth.credentials.did
22
25
  const [user, didDoc] = await Promise.all([
23
- ctx.accountManager.getAccount(did),
26
+ ctx.accountManager.getAccount(did, { includeDeactivated: true }),
24
27
  didDocForSession(ctx, did),
25
28
  ])
26
29
  if (!user) {
@@ -36,6 +39,8 @@ export default function (server: Server, ctx: AppContext) {
36
39
  email: user.email ?? undefined,
37
40
  didDoc,
38
41
  emailConfirmed: !!user.emailConfirmedAt,
42
+ active: user.active,
43
+ status: user.status,
39
44
  },
40
45
  }
41
46
  },
package/src/api/com/atproto/server/listAppPasswords.ts CHANGED
@@ -4,7 +4,7 @@ import { authPassthru, resultPassthru } from '../../../proxy'
4
4
 
5
5
  export default function (server: Server, ctx: AppContext) {
6
6
  server.com.atproto.server.listAppPasswords({
7
- auth: ctx.authVerifier.access,
7
+ auth: ctx.authVerifier.accessStandard(),
8
8
  handler: async ({ auth, req }) => {
9
9
  if (ctx.entrywayAgent) {
10
10
  return resultPassthru(
package/src/api/com/atproto/server/refreshSession.ts CHANGED
@@ -52,6 +52,8 @@ export default function (server: Server, ctx: AppContext) {
52
52
  handle: user.handle ?? INVALID_HANDLE,
53
53
  accessJwt: rotated.accessJwt,
54
54
  refreshJwt: rotated.refreshJwt,
55
+ active: user.active,
56
+ status: user.status,
55
57
  },
56
58
  }
57
59
  },
package/src/api/com/atproto/server/requestAccountDelete.ts CHANGED
@@ -18,7 +18,7 @@ export default function (server: Server, ctx: AppContext) {
18
18
  calcKey: ({ auth }) => auth.credentials.did,
19
19
  },
20
20
  ],
21
- auth: ctx.authVerifier.accessCheckTakedown,
21
+ auth: ctx.authVerifier.accessFull({ checkTakedown: true }),
22
22
  handler: async ({ auth, req }) => {
23
23
  const did = auth.credentials.did
24
24
  const account = await ctx.accountManager.getAccount(did, {
package/src/api/com/atproto/server/requestEmailConfirmation.ts CHANGED
@@ -18,7 +18,7 @@ export default function (server: Server, ctx: AppContext) {
18
18
  calcKey: ({ auth }) => auth.credentials.did,
19
19
  },
20
20
  ],
21
- auth: ctx.authVerifier.accessCheckTakedown,
21
+ auth: ctx.authVerifier.accessStandard({ checkTakedown: true }),
22
22
  handler: async ({ auth, req }) => {
23
23
  const did = auth.credentials.did
24
24
  const account = await ctx.accountManager.getAccount(did, {
package/src/api/com/atproto/server/requestEmailUpdate.ts CHANGED
@@ -18,7 +18,7 @@ export default function (server: Server, ctx: AppContext) {
18
18
  calcKey: ({ auth }) => auth.credentials.did,
19
19
  },
20
20
  ],
21
- auth: ctx.authVerifier.accessCheckTakedown,
21
+ auth: ctx.authVerifier.accessStandard({ checkTakedown: true }),
22
22
  handler: async ({ auth, req }) => {
23
23
  const did = auth.credentials.did
24
24
  const account = await ctx.accountManager.getAccount(did, {
package/src/api/com/atproto/server/revokeAppPassword.ts CHANGED
@@ -4,7 +4,7 @@ import { authPassthru } from '../../../proxy'
4
4
 
5
5
  export default function (server: Server, ctx: AppContext) {
6
6
  server.com.atproto.server.revokeAppPassword({
7
- auth: ctx.authVerifier.access,
7
+ auth: ctx.authVerifier.accessStandard(),
8
8
  handler: async ({ auth, input, req }) => {
9
9
  if (ctx.entrywayAgent) {
10
10
  await ctx.entrywayAgent.com.atproto.server.revokeAppPassword(
package/src/api/com/atproto/server/updateEmail.ts CHANGED
@@ -7,7 +7,7 @@ import { UserAlreadyExistsError } from '../../../../account-manager/helpers/acco
7
7
 
8
8
  export default function (server: Server, ctx: AppContext) {
9
9
  server.com.atproto.server.updateEmail({
10
- auth: ctx.authVerifier.accessFull,
10
+ auth: ctx.authVerifier.accessFull({ checkTakedown: true }),
11
11
  handler: async ({ auth, input, req }) => {
12
12
  const did = auth.credentials.did
13
13
  const { token, email } = input.body
package/src/api/com/atproto/sync/getRepoStatus.ts CHANGED
@@ -1,13 +1,13 @@
1
1
  import { Server } from '../../../../lexicon'
2
2
  import AppContext from '../../../../context'
3
- import { assertRepoAvailability, formatAccountStatus } from './util'
3
+ import { assertRepoAvailability } from './util'
4
4
 
5
5
  export default function (server: Server, ctx: AppContext) {
6
6
  server.com.atproto.sync.getRepoStatus({
7
7
  handler: async ({ params }) => {
8
8
  const { did } = params
9
9
  const account = await assertRepoAvailability(ctx, did, true)
10
- const { active, status } = formatAccountStatus(account)
10
+ const { active, status } = account
11
11
 
12
12
  let rev: string | undefined = undefined
13
13
  if (active) {
package/src/api/com/atproto/sync/listRepos.ts CHANGED
@@ -2,7 +2,7 @@ import { InvalidRequestError } from '@atproto/xrpc-server'
2
2
  import { Server } from '../../../../lexicon'
3
3
  import AppContext from '../../../../context'
4
4
  import { Cursor, GenericKeyset, paginate } from '../../../../db/pagination'
5
- import { formatAccountStatus } from './util'
5
+ import { formatAccountStatus } from '../../../../account-manager/helpers/account'
6
6
 
7
7
  export default function (server: Server, ctx: AppContext) {
8
8
  server.com.atproto.sync.listRepos(async ({ params }) => {
package/src/api/com/atproto/sync/util.ts CHANGED
@@ -1,8 +1,5 @@
1
1
  import { InvalidRequestError } from '@atproto/xrpc-server'
2
- import {
3
- AccountStatus,
4
- ActorAccount,
5
- } from '../../../../account-manager/helpers/account'
2
+ import { ActorAccount } from '../../../../account-manager/helpers/account'
6
3
  import AppContext from '../../../../context'
7
4
 
8
5
  export const assertRepoAvailability = async (
@@ -37,23 +34,3 @@ export const assertRepoAvailability = async (
37
34
  }
38
35
  return account
39
36
  }
40
-
41
- export const formatAccountStatus = (account: {
42
- takedownRef: string | null
43
- deactivatedAt: string | null
44
- }): {
45
- active: boolean
46
- status?: AccountStatus
47
- } => {
48
- let status: AccountStatus | undefined = undefined
49
- if (account.takedownRef) {
50
- status = AccountStatus.Takendown
51
- } else if (account.deactivatedAt) {
52
- status = AccountStatus.Deactivated
53
- }
54
- const active = !status
55
- return {
56
- active,
57
- status,
58
- }
59
- }
package/src/api/com/atproto/temp/checkSignupQueue.ts CHANGED
@@ -1,11 +1,14 @@
1
1
  import { Server } from '../../../../lexicon'
2
2
  import AppContext from '../../../../context'
3
3
  import { authPassthru, resultPassthru } from '../../../proxy'
4
+ import { AuthScope } from '../../../../auth-verifier'
4
5
 
5
6
  // THIS IS A TEMPORARY UNSPECCED ROUTE
6
7
  export default function (server: Server, ctx: AppContext) {
7
8
  server.com.atproto.temp.checkSignupQueue({
8
- auth: ctx.authVerifier.accessDeactived,
9
+ auth: ctx.authVerifier.accessStandard({
10
+ additional: [AuthScope.SignupQueued],
11
+ }),
9
12
  handler: async ({ req }) => {
10
13
  if (!ctx.entrywayAgent) {
11
14
  return {