Disallow password resets for deactivated accounts.

Ensure all responses to password reset events are identical.
author: Mark Felder <feld@FreeBSD.org> 2020-09-02 09:09:13 -0500
committer: Mark Felder <feld@FreeBSD.org> 2020-09-02 09:09:13 -0500
commit: cbf7f0e02943f44a73f4418b8c6a8bada06331d8 (patch)
tree: a02f49384d8e8c42586a5352193c9fbb76c1208a /lib/pleroma/web/mastodon_api/controllers
parent: d6e979aebe7d837aea8bf80323b937eab87e096d (diff)
download: pleroma-cbf7f0e02943f44a73f4418b8c6a8bada06331d8.tar.gz
1 files changed, 5 insertions, 11 deletions
diff --git a/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex b/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex
index 753b3db3e..9f09550e1 100644
--- a/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex
@@ -59,17 +59,11 @@ defmodule Pleroma.Web.MastodonAPI.AuthController do
   def password_reset(conn, params) do
     nickname_or_email = params["email"] || params["nickname"]
 
-    with {:ok, _} <- TwitterAPI.password_reset(nickname_or_email) do
-      conn
-      |> put_status(:no_content)
-      |> json("")
-    else
-      {:error, "unknown user"} ->
-        send_resp(conn, :not_found, "")
-
-      {:error, _} ->
-        send_resp(conn, :bad_request, "")
-    end
+    TwitterAPI.password_reset(nickname_or_email)
+
+    conn
+    |> put_status(:no_content)
+    |> json("")
   end
 
   defp local_mastodon_root_path(conn) do
author	Mark Felder <feld@FreeBSD.org>	2020-09-02 09:09:13 -0500
committer	Mark Felder <feld@FreeBSD.org>	2020-09-02 09:09:13 -0500
commit	cbf7f0e02943f44a73f4418b8c6a8bada06331d8 (patch)
tree	a02f49384d8e8c42586a5352193c9fbb76c1208a /lib/pleroma/web/mastodon_api/controllers
parent	d6e979aebe7d837aea8bf80323b937eab87e096d (diff)
download	pleroma-cbf7f0e02943f44a73f4418b8c6a8bada06331d8.tar.gz