minor code cleanup and commenting

fedireads/api.py

@@ -19,34 +19,46 @@ def get_or_create_remote_user(actor):
     except models.User.DoesNotExist:
         pass
 
-    # get the user's info
+    # load the user's info from the actor url
     response = requests.get(
         actor,
         headers={'Accept': 'application/activity+json'}
     )
     data = response.json()
 
+    # the webfinger format for the username.
+    # TODO: get the user's domain in a better way
     username = '%s@%s' % (actor.split('/')[-1], actor.split('/')[2])
     shared_inbox = data.get('endpoints').get('sharedInbox') if \
         data.get('endpoints') else None
-    user = models.User.objects.create_user(
-        username, '', '',
-        name=data.get('name'),
-        summary=data.get('summary'),
-        inbox=data['inbox'],
-        outbox=data['outbox'],
-        shared_inbox=shared_inbox,
-        public_key=data.get('publicKey').get('publicKeyPem'),
-        actor=actor,
-        local=False
-    )
+
+    try:
+        user = models.User.objects.create_user(
+            username,
+            '', '', # email and passwords are left blank
+            actor=actor,
+            name=data.get('name'),
+            summary=data.get('summary'),
+            inbox=data['inbox'], #fail if there's no inbox
+            outbox=data['outbox'], # fail if there's no outbox
+            shared_inbox=shared_inbox,
+            # TODO: probably shouldn't bother to store this for remote users
+            public_key=data.get('publicKey').get('publicKeyPem'),
+            local=False
+        )
+    except KeyError:
+        return False
     return user
 
 
 def get_recipients(user, post_privacy, direct_recipients=None):
-    ''' deduplicated list of recipients '''
+    ''' deduplicated list of recipient inboxes '''
     recipients = direct_recipients or []
+    if post_privacy == 'direct':
+        # all we care about is direct_recipients, not followers
+        return recipients
 
+    # load all the followers of the user who is sending the message
     followers = user.followers.all()
     if post_privacy == 'public':
         # post to public shared inboxes
@@ -58,28 +70,28 @@ def get_recipients(user, post_privacy, direct_recipients=None):
         # don't send it to the shared inboxes
         inboxes = set(u.inbox for u in followers)
         recipients += list(inboxes)
-    # if post privacy is direct, we just have direct recipients,
-    # which is already set. hurray
     return recipients
 
 
-def broadcast(sender, action, recipients):
+def broadcast(sender, activity, recipients):
     ''' send out an event '''
     errors = []
     for recipient in recipients:
         try:
-            sign_and_send(sender, action, recipient)
+            sign_and_send(sender, activity, recipient)
         except requests.exceptions.HTTPError as e:
+            # TODO: maybe keep track of users who cause errors
             errors.append({
                 'error': e,
                 'recipient': recipient,
-                'activity': action,
+                'activity': activity,
             })
     return errors
 
 
-def sign_and_send(sender, action, destination):
+def sign_and_send(sender, activity, destination):
     ''' crpyto whatever and http junk '''
+    # TODO: handle http[s] with regex
     inbox_fragment = sender.inbox.replace('https://%s' % DOMAIN, '')
     now = datetime.utcnow().isoformat()
     signature_headers = [
@@ -88,6 +100,8 @@ def sign_and_send(sender, action, destination):
         'date: %s' %  now
     ]
     message_to_sign = '\n'.join(signature_headers)
+
+    # TODO: raise an error if the user doesn't have a private key
     signer = pkcs1_15.new(RSA.import_key(sender.private_key))
     signed_message = signer.sign(SHA256.new(message_to_sign.encode('utf8')))
 
@@ -101,7 +115,7 @@ def sign_and_send(sender, action, destination):
 
     response = requests.post(
         destination,
-        data=json.dumps(action),
+        data=json.dumps(activity),
         headers={
             'Date': now,
             'Signature': signature,