diff options
| author | kaniini <ariadne@dereferenced.org> | 2019-09-26 03:12:03 +0000 |
|---|---|---|
| committer | kaniini <ariadne@dereferenced.org> | 2019-09-26 03:12:03 +0000 |
| commit | a39e065916f16a5fe111cd6e6c73d211dbd1b9f5 (patch) | |
| tree | 76880e696f24284ace852a03c3008d48c057f5fe | |
| parent | 48a82c46096a560fe9331a63f19ace6faaf98c3d (diff) | |
| parent | 5e9759cd7d0730c14bcc44e9b3dbda94947d602f (diff) | |
| download | pleroma-a39e065916f16a5fe111cd6e6c73d211dbd1b9f5.tar.gz | |
Merge branch 'feature/return-link-for-password-reset' into 'develop'
Admin API: Return link alongside with token on password reset
See merge request pleroma/pleroma!1691
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | docs/api/admin_api.md | 10 | ||||
| -rw-r--r-- | lib/pleroma/web/admin_api/admin_api_controller.ex | 7 | ||||
| -rw-r--r-- | test/web/admin_api/admin_api_controller_test.exs | 4 |
4 files changed, 19 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index a853a6913..1a76e6cf8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Introduced [quantum](https://github.com/quantum-elixir/quantum-core) job scheduler - Admin API: Return `total` when querying for reports - Mastodon API: Return `pleroma.direct_conversation_id` when creating a direct message (`POST /api/v1/statuses`) +- Admin API: Return link alongside with token on password reset ### Fixed - Mastodon API: Fix private and direct statuses not being filtered out from the public timeline for an authenticated user (`GET /api/v1/timelines/public`) diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 9583883d3..d4e08f221 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -308,7 +308,15 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Methods: `GET` - Params: none -- Response: password reset token (base64 string) +- Response: + +```json +{ + "token": "U13DX6muOvpRsj35_ij9wLxUbkU-eFvfKttxs6gIajo=", // password reset token (base64 string) + "link": "https://pleroma.social/api/pleroma/password_reset/U13DX6muOvpRsj35_ij9wLxUbkU-eFvfKttxs6gIajo%3D" +} +``` + ## `/api/pleroma/admin/users/:nickname/force_password_reset` diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index 9f85f0292..e9a048b9b 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -18,7 +18,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do alias Pleroma.Web.AdminAPI.ReportView alias Pleroma.Web.AdminAPI.Search alias Pleroma.Web.CommonAPI + alias Pleroma.Web.Endpoint alias Pleroma.Web.MastodonAPI.StatusView + alias Pleroma.Web.Router import Pleroma.Web.ControllerHelper, only: [json_response: 3] @@ -435,7 +437,10 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do {:ok, token} = Pleroma.PasswordResetToken.create_token(user) conn - |> json(token.token) + |> json(%{ + token: token.token, + link: Router.Helpers.reset_password_url(Endpoint, :reset, token.token) + }) end @doc "Force password reset for a given user" diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index f00e02a7a..00e64692a 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -586,7 +586,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do |> put_req_header("accept", "application/json") |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset") - assert conn.status == 200 + resp = json_response(conn, 200) + + assert Regex.match?(~r/(http:\/\/|https:\/\/)/, resp["link"]) end describe "GET /api/pleroma/admin/users" do |