Vervis/migrations/2019_02_03_verifkey.model
fr33domlover 4053f2f2b4 Record usage of instance keys in the DB
When we verify an HTTP signature,

* If we know the key, check in the DB whether we know the actor lists it. If it
  doesn't, and there's room left for keys, HTTP GET the actor and update the DB
  accordingly.
* If we know the key but had to update it, do the same, check usage in DB and
  update DB if needed
* If we don't know the key, record usage in DB

However,

* If we're GETing a key and discovering it's a shared key, we GET the actor to
  verify it lists the key. When we don't know the key at all yet, that's fine
  (can be further optimized but it's marginal), but if it's a key we do know,
  it means we already know the actor and for now it's enough for us to rely
  only on the DB to test usage.
2019-02-19 10:54:55 +00:00

26 lines
420 B
Text

VerifKey
ident Text
instance InstanceId
expires UTCTime Maybe
public ByteString
sharer RemoteSharerId Maybe
UniqueVerifKey ident
VerifKeySharedUsage
key VerifKeyId
user RemoteSharerId
UniqueVerifKeySharedUsage key user
RemoteSharer
ident Text
instance InstanceId
inbox Text
UniqueRemoteSharer ident
Instance
host Text
UniqueInstance host