14 files changed, 69 insertions, 48 deletions
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index 51a9c6169..65dd251f3 100644
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -568,7 +568,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
     |> fetch_activities_query(opts)
     |> restrict_unlisted()
     |> Pagination.fetch_paginated(opts, pagination)
-    |> Enum.reverse()
   end
 
   @valid_visibilities ~w[direct unlisted public private]
diff --git a/lib/pleroma/web/feed/feed_controller.ex b/lib/pleroma/web/feed/feed_controller.ex
index d91ecef9c..d0e23007d 100644
--- a/lib/pleroma/web/feed/feed_controller.ex
+++ b/lib/pleroma/web/feed/feed_controller.ex
@@ -33,21 +33,22 @@ defmodule Pleroma.Web.Feed.FeedController do
 
   def feed(conn, %{"nickname" => nickname} = params) do
     with {_, %User{} = user} <- {:fetch_user, User.get_cached_by_nickname(nickname)} do
-      query_params =
-        params
-        |> Map.take(["max_id"])
-        |> Map.put("type", ["Create"])
-        |> Map.put("whole_db", true)
-        |> Map.put("actor_id", user.ap_id)
-
       activities =
-        query_params
+        %{
+          "type" => ["Create"],
+          "whole_db" => true,
+          "actor_id" => user.ap_id
+        }
+        |> Map.merge(Map.take(params, ["max_id"]))
         |> ActivityPub.fetch_public_activities()
-        |> Enum.reverse()
 
       conn
       |> put_resp_content_type("application/atom+xml")
-      |> render("feed.xml", user: user, activities: activities)
+      |> render("feed.xml",
+        user: user,
+        activities: activities,
+        feed_config: Pleroma.Config.get([:feed])
+      )
     end
   end
 
diff --git a/lib/pleroma/web/feed/feed_view.ex b/lib/pleroma/web/feed/feed_view.ex
index 5eef1e757..bb1332fd3 100644
--- a/lib/pleroma/web/feed/feed_view.ex
+++ b/lib/pleroma/web/feed/feed_view.ex
@@ -6,12 +6,23 @@ defmodule Pleroma.Web.Feed.FeedView do
   use Phoenix.HTML
   use Pleroma.Web, :view
 
+  alias Pleroma.Formatter
   alias Pleroma.Object
   alias Pleroma.User
   alias Pleroma.Web.MediaProxy
 
   require Pleroma.Constants
 
+  def prepare_activity(activity) do
+    object = activity_object(activity)
+
+    %{
+      activity: activity,
+      data: Map.get(object, :data),
+      object: object
+    }
+  end
+
   def most_recent_update(activities, user) do
     (List.first(activities) || user).updated_at
     |> NaiveDateTime.to_iso8601()
@@ -23,31 +34,23 @@ defmodule Pleroma.Web.Feed.FeedView do
     |> MediaProxy.url()
   end
 
-  def last_activity(activities) do
-    List.last(activities)
-  end
+  def last_activity(activities), do: List.last(activities)
 
-  def activity_object(activity) do
-    Object.normalize(activity)
-  end
+  def activity_object(activity), do: Object.normalize(activity)
 
-  def activity_object_data(activity) do
-    activity
-    |> activity_object()
-    |> Map.get(:data)
+  def activity_title(%{data: %{"content" => content}}, opts \\ %{}) do
+    content
+    |> Formatter.truncate(opts[:max_length], opts[:omission])
+    |> escape()
   end
 
-  def activity_content(activity) do
-    content = activity_object_data(activity)["content"]
-
+  def activity_content(%{data: %{"content" => content}}) do
     content
     |> String.replace(~r/[\n\r]/, "")
     |> escape()
   end
 
-  def activity_context(activity) do
-    activity.data["context"]
-  end
+  def activity_context(activity), do: activity.data["context"]
 
   def attachment_href(attachment) do
     attachment["url"]
diff --git a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
index 73fad519e..5b01b964b 100644
--- a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
@@ -66,9 +66,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
   @relations [:follow, :unfollow]
   @needs_account ~W(followers following lists follow unfollow mute unmute block unblock)a
 
-  plug(RateLimiter, {:relations_id_action, params: ["id", "uri"]} when action in @relations)
-  plug(RateLimiter, :relations_actions when action in @relations)
-  plug(RateLimiter, :app_account_creation when action == :create)
+  plug(RateLimiter, [name: :relations_id_action, params: ["id", "uri"]] when action in @relations)
+  plug(RateLimiter, [name: :relations_actions] when action in @relations)
+  plug(RateLimiter, [name: :app_account_creation] when action == :create)
   plug(:assign_account_by_id when action in @needs_account)
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
diff --git a/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex b/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex
index bfd5120ba..d9e51de7f 100644
--- a/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/auth_controller.ex
@@ -15,7 +15,7 @@ defmodule Pleroma.Web.MastodonAPI.AuthController do
 
   @local_mastodon_name "Mastodon-Local"
 
-  plug(Pleroma.Plugs.RateLimiter, :password_reset when action == :password_reset)
+  plug(Pleroma.Plugs.RateLimiter, [name: :password_reset] when action == :password_reset)
 
   @doc "GET /web/login"
   def login(%{assigns: %{user: %User{}}} = conn, _params) do
diff --git a/lib/pleroma/web/mastodon_api/controllers/search_controller.ex b/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
index 6cfd68a84..0a929f55b 100644
--- a/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/search_controller.ex
@@ -22,7 +22,7 @@ defmodule Pleroma.Web.MastodonAPI.SearchController do
 
   plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
 
-  plug(RateLimiter, :search when action in [:search, :search2, :account_search])
+  plug(RateLimiter, [name: :search] when action in [:search, :search2, :account_search])
 
   def account_search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
     accounts = User.search(query, search_options(params, user))
diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index e5d016f63..74b223cf4 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -82,17 +82,17 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
 
   plug(
     RateLimiter,
-    {:status_id_action, bucket_name: "status_id_action:reblog_unreblog", params: ["id"]}
+    [name: :status_id_action, bucket_name: "status_id_action:reblog_unreblog", params: ["id"]]
     when action in ~w(reblog unreblog)a
   )
 
   plug(
     RateLimiter,
-    {:status_id_action, bucket_name: "status_id_action:fav_unfav", params: ["id"]}
+    [name: :status_id_action, bucket_name: "status_id_action:fav_unfav", params: ["id"]]
     when action in ~w(favourite unfavourite)a
   )
 
-  plug(RateLimiter, :statuses_actions when action in @rate_limited_status_actions)
+  plug(RateLimiter, [name: :statuses_actions] when action in @rate_limited_status_actions)
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 
diff --git a/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex b/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
index f2d2d3ccb..384159336 100644
--- a/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
@@ -71,7 +71,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
       |> Map.put("blocking_user", user)
       |> Map.put("muting_user", user)
       |> ActivityPub.fetch_public_activities()
-      |> Enum.reverse()
 
     conn
     |> add_link_headers(activities, %{"local" => local_only})
@@ -110,7 +109,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
       |> Map.put("tag_all", tag_all)
       |> Map.put("tag_reject", tag_reject)
       |> ActivityPub.fetch_public_activities()
-      |> Enum.reverse()
 
     conn
     |> add_link_headers(activities, %{"local" => local_only})
diff --git a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
index 6ed181cff..358600e7d 100644
--- a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
+++ b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
@@ -10,8 +10,8 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do
   alias Pleroma.Repo
   alias Pleroma.User
 
-  plug(RateLimiter, :authentication when action in [:user_exists, :check_password])
-  plug(RateLimiter, {:authentication, params: ["user"]} when action == :check_password)
+  plug(RateLimiter, [name: :authentication] when action in [:user_exists, :check_password])
+  plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password)
 
   def user_exists(conn, %{"user" => username}) do
     with %User{} <- Repo.get_by(User, nickname: username, local: true) do
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index fe71aca8c..2aee8cab2 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -6,6 +6,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
   use Pleroma.Web, :controller
 
   alias Pleroma.Helpers.UriHelper
+  alias Pleroma.Plugs.RateLimiter
   alias Pleroma.Registration
   alias Pleroma.Repo
   alias Pleroma.User
@@ -24,7 +25,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
 
   plug(:fetch_session)
   plug(:fetch_flash)
-  plug(Pleroma.Plugs.RateLimiter, :authentication when action == :create_authorization)
+  plug(RateLimiter, [name: :authentication] when action == :create_authorization)
 
   action_fallback(Pleroma.Web.OAuth.FallbackController)
 
@@ -36,7 +37,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
     authorize(conn, Map.merge(params, auth_attrs))
   end
 
-  def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, params) do
+  def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, %{"force_login" => _} = params) do
     if ControllerHelper.truthy_param?(params["force_login"]) do
       do_authorize(conn, params)
     else
@@ -44,6 +45,22 @@ defmodule Pleroma.Web.OAuth.OAuthController do
     end
   end
 
+  # Note: the token is set in oauth_plug, but the token and client do not always go together.
+  # For example, MastodonFE's token is set if user requests with another client,
+  # after user already authorized to MastodonFE.
+  # So we have to check client and token.
+  def authorize(
+        %Plug.Conn{assigns: %{token: %Token{} = token}} = conn,
+        %{"client_id" => client_id} = params
+      ) do
+    with %Token{} = t <- Repo.get_by(Token, token: token.token) |> Repo.preload(:app),
+         ^client_id <- t.app.client_id do
+      handle_existing_authorization(conn, params)
+    else
+      _ -> do_authorize(conn, params)
+    end
+  end
+
   def authorize(%Plug.Conn{} = conn, params), do: do_authorize(conn, params)
 
   defp do_authorize(%Plug.Conn{} = conn, params) do
diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex
index 6958519de..12a7c2365 100644
--- a/lib/pleroma/web/ostatus/ostatus_controller.ex
+++ b/lib/pleroma/web/ostatus/ostatus_controller.ex
@@ -8,6 +8,7 @@ defmodule Pleroma.Web.OStatus.OStatusController do
   alias Fallback.RedirectController
   alias Pleroma.Activity
   alias Pleroma.Object
+  alias Pleroma.Plugs.RateLimiter
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPubController
   alias Pleroma.Web.ActivityPub.ObjectView
@@ -17,8 +18,8 @@ defmodule Pleroma.Web.OStatus.OStatusController do
   alias Pleroma.Web.Router
 
   plug(
-    Pleroma.Plugs.RateLimiter,
-    {:ap_routes, params: ["uuid"]} when action in [:object, :activity]
+    RateLimiter,
+    [name: :ap_routes, params: ["uuid"]] when action in [:object, :activity]
   )
 
   plug(
diff --git a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
index db6faac83..bc2f1017c 100644
--- a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
@@ -42,7 +42,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
     when action != :confirmation_resend
   )
 
-  plug(RateLimiter, :account_confirmation_resend when action == :confirmation_resend)
+  plug(RateLimiter, [name: :account_confirmation_resend] when action == :confirmation_resend)
   plug(:assign_account_by_id when action in [:favourites, :subscribe, :unsubscribe])
   plug(:put_view, Pleroma.Web.MastodonAPI.AccountView)
 
diff --git a/lib/pleroma/web/templates/feed/feed/_activity.xml.eex b/lib/pleroma/web/templates/feed/feed/_activity.xml.eex
index d1f5e903c..514eacaed 100644
--- a/lib/pleroma/web/templates/feed/feed/_activity.xml.eex
+++ b/lib/pleroma/web/templates/feed/feed/_activity.xml.eex
@@ -2,11 +2,13 @@
   <activity:object-type>http://activitystrea.ms/schema/1.0/note</activity:object-type>
   <activity:verb>http://activitystrea.ms/schema/1.0/post</activity:verb>
   <id><%= @data["id"] %></id>
-  <title><%= "New note by #{@user.nickname}" %></title>
-  <content type="html"><%= activity_content(@activity) %></content>
+  <title><%= activity_title(@object, Keyword.get(@feed_config, :post_title, %{})) %></title>
+  <content type="html"><%= activity_content(@object) %></content>
   <published><%= @data["published"] %></published>
   <updated><%= @data["published"] %></updated>
-  <ostatus:conversation ref="<%= activity_context(@activity) %>"><%= activity_context(@activity) %></ostatus:conversation>
+  <ostatus:conversation ref="<%= activity_context(@activity) %>">
+    <%= activity_context(@activity) %>
+  </ostatus:conversation>
   <link ref="<%= activity_context(@activity) %>" rel="ostatus:conversation"/>
 
   <%= if @data["summary"] do %>
diff --git a/lib/pleroma/web/templates/feed/feed/feed.xml.eex b/lib/pleroma/web/templates/feed/feed/feed.xml.eex
index 45df9dc09..5ae36d345 100644
--- a/lib/pleroma/web/templates/feed/feed/feed.xml.eex
+++ b/lib/pleroma/web/templates/feed/feed/feed.xml.eex
@@ -19,6 +19,6 @@
   <% end %>
 
   <%= for activity <- @activities do %>
-    <%= render @view_module, "_activity.xml", Map.merge(assigns, %{activity: activity, data: activity_object_data(activity)}) %>
+  <%= render @view_module, "_activity.xml", Map.merge(assigns, prepare_activity(activity)) %>
   <% end %>
 </feed>