From 1c02b79f158814c7951d48179a0f91b653241e56 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Thu, 25 Jul 2019 17:50:48 +0100
Subject: [PATCH] digest of sha256

---
 daemon.py | 12 +++---------
 person.py |  1 +
 2 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/daemon.py b/daemon.py
index 54fe9875..977f182e 100644
--- a/daemon.py
+++ b/daemon.py
@@ -487,9 +487,7 @@ class PubServer(BaseHTTPRequestHandler):
             if currTimeGET-self.server.lastGET<10:
                 if self.server.debug:
                     print('DEBUG: GET Busy')
-                self.send_response(429)
-                if authorized:
-                    self.send_header('Authorization')                    
+                self.send_response(429)                    
                 self.end_headers()
                 return
             self.server.lastGET=currTimeGET
@@ -538,14 +536,10 @@ class PubServer(BaseHTTPRequestHandler):
                                     if postJsonObject.get('likes'):
                                         postJsonObject['likes']={}
                                 if 'text/html' in self.headers['Accept']:
-                                    self._set_headers('text/html')
-                                    if authorized:
-                                        self.send_header('Authorization')                    
+                                    self._set_headers('text/html')                    
                                     self.wfile.write(htmlIndividualPost(postJsonObject).encode('utf-8'))
                                 else:
                                     self._set_headers('application/json')
-                                    if authorized:
-                                        self.send_header('Authorization')                    
                                     self.wfile.write(json.dumps(postJsonObject).encode('utf-8'))
                             self.server.GETbusy=False
                             return
@@ -1068,7 +1062,7 @@ class PubServer(BaseHTTPRequestHandler):
                     # any password changes.
                     if not self.server.salts.get(loginNickname):
                         self.server.salts[loginNickname]=createPassword(32)
-                    self.server.tokens[loginNickname]=str(sha256((loginNickname+loginPassword+self.server.salts[loginNickname]).encode('utf-8')))
+                    self.server.tokens[loginNickname]=sha256((loginNickname+loginPassword+self.server.salts[loginNickname]).encode('utf-8')).hexdigest()
                     self.server.tokensLookup[self.server.tokens[loginNickname]]=loginNickname
                     self.send_header('Set-Cookie', 'epicyon='+self.server.tokens[loginNickname]+'; SameSite=Strict')
                     self.send_header('Location', '/users/'+loginNickname+'/outbox')
diff --git a/person.py b/person.py
index f3177ddf..0dcd084e 100644
--- a/person.py
+++ b/person.py
@@ -17,6 +17,7 @@ from Crypto.PublicKey import RSA
 from shutil import copyfile
 from webfinger import createWebfingerEndpoint
 from webfinger import storeWebfingerEndpoint
+from posts import createInbox
 from posts import createOutbox
 from auth import storeBasicCredentials
 from roles import setRole