Merge branch 'feature/1078-password-reset' into 'develop'

Feature/1078 password reset Closes #1078 See merge request pleroma/pleroma!1431
author: kaniini <ariadne@dereferenced.org> 2019-07-16 21:44:50 +0000
committer: kaniini <ariadne@dereferenced.org> 2019-07-16 21:44:50 +0000
commit: 0bbc0f0cf4ee87e8ac5995818c8049bf86e848cd (patch)
tree: 1740bc35a064b2eb6a7e8beed0796d1ab7192a89 /lib/pleroma/web
parent: 33fbb638cd815037741be25d0e47c3d16cc96971 (diff)
parent: 10f82c88b88fa4d26f6fa57f9cf36439012b8d0c (diff)
download: pleroma-0bbc0f0cf4ee87e8ac5995818c8049bf86e848cd.tar.gz
3 files changed, 26 insertions, 0 deletions
diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
index a732a6990..aff76e2ea 100644
--- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
+++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
@@ -73,6 +73,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
   plug(RateLimiter, :statuses_actions when action in @rate_limited_status_actions)
   plug(RateLimiter, :app_account_creation when action == :account_register)
   plug(RateLimiter, :search when action in [:search, :search2, :account_search])
+  plug(RateLimiter, :password_reset when action == :password_reset)
 
   @local_mastodon_name "Mastodon-Local"
 
@@ -1816,6 +1817,22 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
     end
   end
 
+  def password_reset(conn, params) do
+    nickname_or_email = params["email"] || params["nickname"]
+
+    with {:ok, _} <- TwitterAPI.password_reset(nickname_or_email) do
+      conn
+      |> put_status(:no_content)
+      |> json("")
+    else
+      {:error, "unknown user"} ->
+        put_status(conn, :not_found)
+
+      {:error, _} ->
+        put_status(conn, :bad_request)
+    end
+  end
+
   def try_render(conn, target, params)
       when is_binary(target) do
     case render(conn, target, params) do
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index 3e5142e8a..52b8dc0bf 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -691,6 +691,8 @@ defmodule Pleroma.Web.Router do
     get("/web/login", MastodonAPIController, :login)
     delete("/auth/sign_out", MastodonAPIController, :logout)
 
+    post("/auth/password", MastodonAPIController, :password_reset)
+
     scope [] do
       pipe_through(:oauth_read_or_public)
       get("/web/*path", MastodonAPIController, :index)
diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
index 0313560a8..8cb703501 100644
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -27,6 +27,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
 
   require Logger
 
+  plug(Pleroma.Plugs.RateLimiter, :password_reset when action == :password_reset)
   plug(:only_if_public_instance when action in [:public_timeline, :public_and_external_timeline])
   action_fallback(:errors)
 
@@ -437,6 +438,12 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
 
     with {:ok, _} <- TwitterAPI.password_reset(nickname_or_email) do
       json_response(conn, :no_content, "")
+    else
+      {:error, "unknown user"} ->
+        put_status(conn, :not_found)
+
+      {:error, _} ->
+        put_status(conn, :bad_request)
     end
   end
author	kaniini <ariadne@dereferenced.org>	2019-07-16 21:44:50 +0000
committer	kaniini <ariadne@dereferenced.org>	2019-07-16 21:44:50 +0000
commit	0bbc0f0cf4ee87e8ac5995818c8049bf86e848cd (patch)
tree	1740bc35a064b2eb6a7e8beed0796d1ab7192a89 /lib/pleroma/web
parent	33fbb638cd815037741be25d0e47c3d16cc96971 (diff)
parent	10f82c88b88fa4d26f6fa57f9cf36439012b8d0c (diff)
download	pleroma-0bbc0f0cf4ee87e8ac5995818c8049bf86e848cd.tar.gz