aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/uploaders/local.ex6
-rw-r--r--lib/pleroma/web/endpoint.ex6
-rw-r--r--lib/pleroma/web/mastodon_api/mastodon_api_controller.ex4
-rw-r--r--lib/pleroma/web/mastodon_api/views/account_view.ex6
-rw-r--r--lib/pleroma/web/oauth/oauth_controller.ex16
-rw-r--r--lib/pleroma/web/router.ex3
6 files changed, 36 insertions, 5 deletions
diff --git a/lib/pleroma/uploaders/local.ex b/lib/pleroma/uploaders/local.ex
index d4624661f..d96481c8d 100644
--- a/lib/pleroma/uploaders/local.ex
+++ b/lib/pleroma/uploaders/local.ex
@@ -42,6 +42,10 @@ defmodule Pleroma.Uploaders.Local do
end
defp url_for(file) do
- "#{Web.base_url()}/media/#{file}"
+ settings = Application.get_env(:pleroma, Pleroma.Uploaders.Local)
+
+ Keyword.get(settings, :uploads_url)
+ |> String.replace("{{file}}", file)
+ |> String.replace("{{base_url}}", Web.base_url())
end
end
diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex
index 1e5ac2721..955bd61f3 100644
--- a/lib/pleroma/web/endpoint.ex
+++ b/lib/pleroma/web/endpoint.ex
@@ -49,7 +49,11 @@ defmodule Pleroma.Web.Endpoint do
Plug.Session,
store: :cookie,
key: "_pleroma_key",
- signing_salt: "CqaoopA2"
+ signing_salt: "CqaoopA2",
+ http_only: true,
+ secure:
+ Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
+ extra: "SameSite=Strict"
)
plug(Pleroma.Web.Router)
diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
index 49a8655f0..f2fcc76ad 100644
--- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
+++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
@@ -1188,4 +1188,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
json(conn, [])
end
end
+
+ def filters(conn, _) do
+ json(conn, [])
+ end
end
diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex
index 85aac493f..7915933be 100644
--- a/lib/pleroma/web/mastodon_api/views/account_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/account_view.ex
@@ -54,7 +54,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
source: %{
note: "",
privacy: user_info.default_scope,
- sensitive: "false"
+ sensitive: false
}
}
end
@@ -75,8 +75,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
followed_by: User.following?(target, user),
blocking: User.blocks?(user, target),
muting: false,
+ muting_notifications: false,
requested: false,
- domain_blocking: false
+ domain_blocking: false,
+ showing_reblogs: false
}
end
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index a5fb32a4e..160cedd8e 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -60,11 +60,13 @@ defmodule Pleroma.Web.OAuth.OAuthController do
fixed_token = fix_padding(params["code"]),
%Authorization{} = auth <-
Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
- {:ok, token} <- Token.exchange_token(app, auth) do
+ {:ok, token} <- Token.exchange_token(app, auth),
+ {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do
response = %{
token_type: "Bearer",
access_token: token.token,
refresh_token: token.refresh_token,
+ created_at: DateTime.to_unix(inserted_at),
expires_in: 60 * 10,
scope: "read write follow"
}
@@ -116,6 +118,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do
token_exchange(conn, params)
end
+ def token_revoke(conn, %{"token" => token} = params) do
+ with %App{} = app <- get_app_from_request(conn, params),
+ %Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id),
+ {:ok, %Token{}} <- Repo.delete(token) do
+ json(conn, %{})
+ else
+ _error ->
+ # RFC 7009: invalid tokens [in the request] do not cause an error response
+ json(conn, %{})
+ end
+ end
+
defp fix_padding(token) do
token
|> Base.url_decode64!(padding: false)
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index f3604d465..856679899 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -103,6 +103,7 @@ defmodule Pleroma.Web.Router do
get("/authorize", OAuthController, :authorize)
post("/authorize", OAuthController, :create_authorization)
post("/token", OAuthController, :token_exchange)
+ post("/revoke", OAuthController, :token_revoke)
end
scope "/api/v1", Pleroma.Web.MastodonAPI do
@@ -171,6 +172,8 @@ defmodule Pleroma.Web.Router do
delete("/filters/:id", MastodonAPIController, :delete_filter)
get("/suggestions", MastodonAPIController, :suggestions)
+
+ get("/filters", MastodonAPIController, :filters)
end
scope "/api/web", Pleroma.Web.MastodonAPI do
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-26 04:31:45 +0000