diff options
| author | kaniini <nenolod@gmail.com> | 2018-12-20 13:28:36 +0000 |
|---|---|---|
| committer | kaniini <nenolod@gmail.com> | 2018-12-20 13:28:36 +0000 |
| commit | 2e2030ada8b9aa00936057d47260cd03d01d92be (patch) | |
| tree | 9fb353e3eaccb1dbd82738cf44ae5015100f6711 /lib/pleroma/web/twitter_api/twitter_api_controller.ex | |
| parent | 8de3138de07c0447ea3bc015ff71db25f8f9c931 (diff) | |
| parent | 851db74f1ca533f27f72f1341571948b15d2f561 (diff) | |
| download | pleroma-2e2030ada8b9aa00936057d47260cd03d01d92be.tar.gz | |
Merge branch '114_email_confirmation' into 'develop'
[#114] Email confirmation
See merge request pleroma/pleroma!546
Diffstat (limited to 'lib/pleroma/web/twitter_api/twitter_api_controller.ex')
| -rw-r--r-- | lib/pleroma/web/twitter_api/twitter_api_controller.ex | 39 |
1 files changed, 36 insertions, 3 deletions
diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 327620302..c644681b0 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -96,10 +96,15 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end def show_user(conn, params) do - with {:ok, shown} <- TwitterAPI.get_user(params) do + for_user = conn.assigns.user + + with {:ok, shown} <- TwitterAPI.get_user(params), + true <- + User.auth_active?(shown) || + (for_user && (for_user.id == shown.id || User.superuser?(for_user))) do params = - if user = conn.assigns.user do - %{user: shown, for: user} + if for_user do + %{user: shown, for: for_user} else %{user: shown} end @@ -110,6 +115,11 @@ defmodule Pleroma.Web.TwitterAPI.Controller do else {:error, msg} -> bad_request_reply(conn, msg) + + false -> + conn + |> put_status(404) + |> json(%{error: "Unconfirmed user"}) end end @@ -372,6 +382,29 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end end + def confirm_email(conn, %{"user_id" => uid, "token" => token}) do + with %User{} = user <- Repo.get(User, uid), + true <- user.local, + true <- user.info.confirmation_pending, + true <- user.info.confirmation_token == token, + info_change <- User.Info.confirmation_changeset(user.info, :confirmed), + changeset <- Changeset.change(user) |> Changeset.put_embed(:info, info_change), + {:ok, _} <- User.update_and_set_cache(changeset) do + conn + |> redirect(to: "/") + end + end + + def resend_confirmation_email(conn, params) do + nickname_or_email = params["email"] || params["nickname"] + + with %User{} = user <- User.get_by_nickname_or_email(nickname_or_email), + {:ok, _} <- User.try_send_confirmation_email(user) do + conn + |> json_response(:no_content, "") + end + end + def update_avatar(%{assigns: %{user: user}} = conn, params) do {:ok, object} = ActivityPub.upload(params, type: :avatar) change = Changeset.change(user, %{avatar: object.data}) |