generate RSA key for old users

server/api/controller/user.js

@@ -235,6 +235,22 @@ const userController = {
 
     if (!req.body.password) { delete req.body.password }
 
+    // generate an rsa key in case not present
+    if (!req.rsa) {
+      const rsa = await generateKeyPair('rsa', {
+        modulusLength: 4096,
+        publicKeyEncoding: {
+          type: 'spki',
+          format: 'pem'
+        },
+        privateKeyEncoding: {
+          type: 'pkcs8',
+          format: 'pem'
+        }
+      })
+      req.body.rsa = rsa
+    }
+
     await user.update(req.body)
 
     if (!user.is_active && req.body.is_active && user.recover_code) {

server/federation/users.js

@@ -104,7 +104,7 @@ module.exports = {
       '@context': 'https://www.w3.org/ns/activitystreams',
       id: `${config.baseurl}/federation/u/${name}/outbox?page=${page}`,
       type: 'OrderedCollectionPage',
-      totalItems: user.followers.length,
+      totalItems: user.events.length,
       partOf: `${config.baseurl}/federation/u/${name}/outbox` ,
       orderedItems: user.events.map(e => ({
         id: `${config.baseurl}/federation/m/${e.id}#create`,

server/federation/webfinger.js

@@ -11,8 +11,7 @@ const debug = require('debug')('webfinger')
 router.use(cors())
 
 router.get('/webfinger', async (req, res) => {
-  const resource = req.query.resource
+  if (!req.query || !req.query.resource || !req.query.resource.includes('acct:')) {
-  if (!resource || !resource.includes('acct:')) {
     debug('Bad webfinger request => %s', resource.query)
     return res.status(400).send('Bad request. Please make sure "acct:USER@DOMAIN" is what you are sending as the "resource" query parameter.')
   }