1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Router do
6 use Pleroma.Web, :router
8 pipeline :accepts_html do
9 plug(:accepts, ["html"])
12 pipeline :accepts_xml_rss_atom do
13 plug(:accepts, ["xml", "rss", "atom"])
17 plug(:accepts, ["html"])
23 plug(Pleroma.Plugs.OAuthPlug)
24 plug(Pleroma.Plugs.UserEnabledPlug)
27 pipeline :expect_authentication do
28 plug(Pleroma.Plugs.ExpectAuthenticatedCheckPlug)
31 pipeline :expect_public_instance_or_authentication do
32 plug(Pleroma.Plugs.ExpectPublicOrAuthenticatedCheckPlug)
35 pipeline :authenticate do
36 plug(Pleroma.Plugs.OAuthPlug)
37 plug(Pleroma.Plugs.BasicAuthDecoderPlug)
38 plug(Pleroma.Plugs.UserFetcherPlug)
39 plug(Pleroma.Plugs.SessionAuthenticationPlug)
40 plug(Pleroma.Plugs.LegacyAuthenticationPlug)
41 plug(Pleroma.Plugs.AuthenticationPlug)
44 pipeline :after_auth do
45 plug(Pleroma.Plugs.UserEnabledPlug)
46 plug(Pleroma.Plugs.SetUserSessionIdPlug)
47 plug(Pleroma.Plugs.EnsureUserKeyPlug)
51 plug(:accepts, ["json"])
54 plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
58 plug(:expect_public_instance_or_authentication)
61 plug(Pleroma.Plugs.IdempotencyPlug)
64 pipeline :authenticated_api do
65 plug(:expect_authentication)
68 plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
69 plug(Pleroma.Plugs.IdempotencyPlug)
72 pipeline :admin_api do
73 plug(:expect_authentication)
75 plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
77 plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
78 plug(Pleroma.Plugs.UserIsAdminPlug)
79 plug(Pleroma.Plugs.IdempotencyPlug)
82 pipeline :mastodon_html do
88 pipeline :pleroma_html do
91 plug(Pleroma.Plugs.EnsureUserKeyPlug)
94 pipeline :well_known do
95 plug(:accepts, ["json", "jrd+json", "xml", "xrd+xml"])
99 plug(:accepts, ["json", "xml"])
100 plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
103 pipeline :pleroma_api do
104 plug(:accepts, ["html", "json"])
105 plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
108 pipeline :mailbox_preview do
109 plug(:accepts, ["html"])
111 plug(:put_secure_browser_headers, %{
112 "content-security-policy" =>
113 "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'"
117 pipeline :http_signature do
118 plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
119 plug(Pleroma.Web.Plugs.MappedSignatureToIdentityPlug)
122 scope "/api/pleroma", Pleroma.Web.TwitterAPI do
123 pipe_through(:pleroma_api)
125 get("/password_reset/:token", PasswordController, :reset, as: :reset_password)
126 post("/password_reset", PasswordController, :do_reset, as: :reset_password)
127 get("/emoji", UtilController, :emoji)
128 get("/captcha", UtilController, :captcha)
129 get("/healthcheck", UtilController, :healthcheck)
132 scope "/api/pleroma", Pleroma.Web do
133 pipe_through(:pleroma_api)
134 post("/uploader_callback/:upload_path", UploaderController, :callback)
137 scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do
138 pipe_through(:admin_api)
140 post("/users/follow", AdminAPIController, :user_follow)
141 post("/users/unfollow", AdminAPIController, :user_unfollow)
143 put("/users/disable_mfa", AdminAPIController, :disable_mfa)
144 delete("/users", AdminAPIController, :user_delete)
145 post("/users", AdminAPIController, :users_create)
146 patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation)
147 patch("/users/activate", AdminAPIController, :user_activate)
148 patch("/users/deactivate", AdminAPIController, :user_deactivate)
149 patch("/users/approve", AdminAPIController, :user_approve)
150 put("/users/tag", AdminAPIController, :tag_users)
151 delete("/users/tag", AdminAPIController, :untag_users)
153 get("/users/:nickname/permission_group", AdminAPIController, :right_get)
154 get("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_get)
156 post("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_add)
159 "/users/:nickname/permission_group/:permission_group",
164 post("/users/permission_group/:permission_group", AdminAPIController, :right_add_multiple)
167 "/users/permission_group/:permission_group",
169 :right_delete_multiple
172 get("/relay", RelayController, :index)
173 post("/relay", RelayController, :follow)
174 delete("/relay", RelayController, :unfollow)
176 post("/users/invite_token", InviteController, :create)
177 get("/users/invites", InviteController, :index)
178 post("/users/revoke_invite", InviteController, :revoke)
179 post("/users/email_invite", InviteController, :email)
181 get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset)
182 patch("/users/force_password_reset", AdminAPIController, :force_password_reset)
183 get("/users/:nickname/credentials", AdminAPIController, :show_user_credentials)
184 patch("/users/:nickname/credentials", AdminAPIController, :update_user_credentials)
186 get("/users", AdminAPIController, :list_users)
187 get("/users/:nickname", AdminAPIController, :user_show)
188 get("/users/:nickname/statuses", AdminAPIController, :list_user_statuses)
189 get("/users/:nickname/chats", AdminAPIController, :list_user_chats)
191 get("/instances/:instance/statuses", AdminAPIController, :list_instance_statuses)
193 get("/instance_document/:name", InstanceDocumentController, :show)
194 patch("/instance_document/:name", InstanceDocumentController, :update)
195 delete("/instance_document/:name", InstanceDocumentController, :delete)
197 patch("/users/confirm_email", AdminAPIController, :confirm_email)
198 patch("/users/resend_confirmation_email", AdminAPIController, :resend_confirmation_email)
200 get("/reports", ReportController, :index)
201 get("/reports/:id", ReportController, :show)
202 patch("/reports", ReportController, :update)
203 post("/reports/:id/notes", ReportController, :notes_create)
204 delete("/reports/:report_id/notes/:id", ReportController, :notes_delete)
206 get("/statuses/:id", StatusController, :show)
207 put("/statuses/:id", StatusController, :update)
208 delete("/statuses/:id", StatusController, :delete)
209 get("/statuses", StatusController, :index)
211 get("/config", ConfigController, :show)
212 post("/config", ConfigController, :update)
213 get("/config/descriptions", ConfigController, :descriptions)
214 get("/need_reboot", AdminAPIController, :need_reboot)
215 get("/restart", AdminAPIController, :restart)
217 get("/moderation_log", AdminAPIController, :list_log)
219 post("/reload_emoji", AdminAPIController, :reload_emoji)
220 get("/stats", AdminAPIController, :stats)
222 get("/oauth_app", OAuthAppController, :index)
223 post("/oauth_app", OAuthAppController, :create)
224 patch("/oauth_app/:id", OAuthAppController, :update)
225 delete("/oauth_app/:id", OAuthAppController, :delete)
227 get("/media_proxy_caches", MediaProxyCacheController, :index)
228 post("/media_proxy_caches/delete", MediaProxyCacheController, :delete)
229 post("/media_proxy_caches/purge", MediaProxyCacheController, :purge)
231 get("/chats/:id", ChatController, :show)
232 get("/chats/:id/messages", ChatController, :messages)
233 delete("/chats/:id/messages/:message_id", ChatController, :delete_message)
236 scope "/api/pleroma/emoji", Pleroma.Web.PleromaAPI do
239 pipe_through(:admin_api)
241 get("/import", EmojiPackController, :import_from_filesystem)
242 get("/remote", EmojiPackController, :remote)
243 post("/download", EmojiPackController, :download)
245 post("/:name", EmojiPackController, :create)
246 patch("/:name", EmojiPackController, :update)
247 delete("/:name", EmojiPackController, :delete)
249 post("/:name/files", EmojiFileController, :create)
250 patch("/:name/files", EmojiFileController, :update)
251 delete("/:name/files", EmojiFileController, :delete)
254 # Pack info / downloading
257 get("/", EmojiPackController, :index)
258 get("/:name", EmojiPackController, :show)
259 get("/:name/archive", EmojiPackController, :archive)
263 scope "/", Pleroma.Web.TwitterAPI do
264 pipe_through(:pleroma_html)
266 post("/main/ostatus", UtilController, :remote_subscribe)
267 get("/ostatus_subscribe", RemoteFollowController, :follow)
269 post("/ostatus_subscribe", RemoteFollowController, :do_follow)
272 scope "/api/pleroma", Pleroma.Web.TwitterAPI do
273 pipe_through(:authenticated_api)
275 post("/change_email", UtilController, :change_email)
276 post("/change_password", UtilController, :change_password)
277 post("/delete_account", UtilController, :delete_account)
278 put("/notification_settings", UtilController, :update_notificaton_settings)
279 post("/disable_account", UtilController, :disable_account)
282 scope "/api/pleroma", Pleroma.Web.PleromaAPI do
283 pipe_through(:authenticated_api)
285 post("/mutes_import", UserImportController, :mutes)
286 post("/blocks_import", UserImportController, :blocks)
287 post("/follow_import", UserImportController, :follow)
289 get("/accounts/mfa", TwoFactorAuthenticationController, :settings)
290 get("/accounts/mfa/backup_codes", TwoFactorAuthenticationController, :backup_codes)
291 get("/accounts/mfa/setup/:method", TwoFactorAuthenticationController, :setup)
292 post("/accounts/mfa/confirm/:method", TwoFactorAuthenticationController, :confirm)
293 delete("/accounts/mfa/:method", TwoFactorAuthenticationController, :disable)
296 scope "/oauth", Pleroma.Web.OAuth do
299 get("/authorize", OAuthController, :authorize)
302 post("/authorize", OAuthController, :create_authorization)
303 post("/token", OAuthController, :token_exchange)
304 post("/revoke", OAuthController, :token_revoke)
305 get("/registration_details", OAuthController, :registration_details)
307 post("/mfa/challenge", MFAController, :challenge)
308 post("/mfa/verify", MFAController, :verify, as: :mfa_verify)
309 get("/mfa", MFAController, :show)
312 pipe_through(:browser)
314 get("/prepare_request", OAuthController, :prepare_request)
315 get("/:provider", OAuthController, :request)
316 get("/:provider/callback", OAuthController, :callback)
317 post("/register", OAuthController, :register)
321 scope "/api/v1/pleroma", Pleroma.Web.PleromaAPI do
324 get("/statuses/:id/reactions/:emoji", EmojiReactionController, :index)
325 get("/statuses/:id/reactions", EmojiReactionController, :index)
328 scope "/api/v1/pleroma", Pleroma.Web.PleromaAPI do
330 pipe_through(:authenticated_api)
332 post("/chats/by-account-id/:id", ChatController, :create)
333 get("/chats", ChatController, :index)
334 get("/chats/:id", ChatController, :show)
335 get("/chats/:id/messages", ChatController, :messages)
336 post("/chats/:id/messages", ChatController, :post_chat_message)
337 delete("/chats/:id/messages/:message_id", ChatController, :delete_message)
338 post("/chats/:id/read", ChatController, :mark_as_read)
339 post("/chats/:id/messages/:message_id/read", ChatController, :mark_message_as_read)
341 get("/conversations/:id/statuses", ConversationController, :statuses)
342 get("/conversations/:id", ConversationController, :show)
343 post("/conversations/read", ConversationController, :mark_as_read)
344 patch("/conversations/:id", ConversationController, :update)
346 put("/statuses/:id/reactions/:emoji", EmojiReactionController, :create)
347 delete("/statuses/:id/reactions/:emoji", EmojiReactionController, :delete)
348 post("/notifications/read", NotificationController, :mark_as_read)
350 get("/mascot", MascotController, :show)
351 put("/mascot", MascotController, :update)
353 post("/scrobble", ScrobbleController, :create)
358 get("/accounts/:id/favourites", AccountController, :favourites)
362 pipe_through(:authenticated_api)
364 post("/accounts/:id/subscribe", AccountController, :subscribe)
365 post("/accounts/:id/unsubscribe", AccountController, :unsubscribe)
368 post("/accounts/confirmation_resend", AccountController, :confirmation_resend)
371 scope "/api/v1/pleroma", Pleroma.Web.PleromaAPI do
373 get("/accounts/:id/scrobbles", ScrobbleController, :index)
376 scope "/api/v1", Pleroma.Web.MastodonAPI do
377 pipe_through(:authenticated_api)
379 get("/accounts/verify_credentials", AccountController, :verify_credentials)
380 patch("/accounts/update_credentials", AccountController, :update_credentials)
382 get("/accounts/relationships", AccountController, :relationships)
383 get("/accounts/:id/lists", AccountController, :lists)
384 get("/accounts/:id/identity_proofs", AccountController, :identity_proofs)
385 get("/endorsements", AccountController, :endorsements)
386 get("/blocks", AccountController, :blocks)
387 get("/mutes", AccountController, :mutes)
389 post("/follows", AccountController, :follow_by_uri)
390 post("/accounts/:id/follow", AccountController, :follow)
391 post("/accounts/:id/unfollow", AccountController, :unfollow)
392 post("/accounts/:id/block", AccountController, :block)
393 post("/accounts/:id/unblock", AccountController, :unblock)
394 post("/accounts/:id/mute", AccountController, :mute)
395 post("/accounts/:id/unmute", AccountController, :unmute)
397 get("/apps/verify_credentials", AppController, :verify_credentials)
399 get("/conversations", ConversationController, :index)
400 post("/conversations/:id/read", ConversationController, :mark_as_read)
402 get("/domain_blocks", DomainBlockController, :index)
403 post("/domain_blocks", DomainBlockController, :create)
404 delete("/domain_blocks", DomainBlockController, :delete)
406 get("/filters", FilterController, :index)
408 post("/filters", FilterController, :create)
409 get("/filters/:id", FilterController, :show)
410 put("/filters/:id", FilterController, :update)
411 delete("/filters/:id", FilterController, :delete)
413 get("/follow_requests", FollowRequestController, :index)
414 post("/follow_requests/:id/authorize", FollowRequestController, :authorize)
415 post("/follow_requests/:id/reject", FollowRequestController, :reject)
417 get("/lists", ListController, :index)
418 get("/lists/:id", ListController, :show)
419 get("/lists/:id/accounts", ListController, :list_accounts)
421 delete("/lists/:id", ListController, :delete)
422 post("/lists", ListController, :create)
423 put("/lists/:id", ListController, :update)
424 post("/lists/:id/accounts", ListController, :add_to_list)
425 delete("/lists/:id/accounts", ListController, :remove_from_list)
427 get("/markers", MarkerController, :index)
428 post("/markers", MarkerController, :upsert)
430 post("/media", MediaController, :create)
431 get("/media/:id", MediaController, :show)
432 put("/media/:id", MediaController, :update)
434 get("/notifications", NotificationController, :index)
435 get("/notifications/:id", NotificationController, :show)
437 post("/notifications/:id/dismiss", NotificationController, :dismiss)
438 post("/notifications/clear", NotificationController, :clear)
439 delete("/notifications/destroy_multiple", NotificationController, :destroy_multiple)
440 # Deprecated: was removed in Mastodon v3, use `/notifications/:id/dismiss` instead
441 post("/notifications/dismiss", NotificationController, :dismiss_via_body)
443 post("/polls/:id/votes", PollController, :vote)
445 post("/reports", ReportController, :create)
447 get("/scheduled_statuses", ScheduledActivityController, :index)
448 get("/scheduled_statuses/:id", ScheduledActivityController, :show)
450 put("/scheduled_statuses/:id", ScheduledActivityController, :update)
451 delete("/scheduled_statuses/:id", ScheduledActivityController, :delete)
453 # Unlike `GET /api/v1/accounts/:id/favourites`, demands authentication
454 get("/favourites", StatusController, :favourites)
455 get("/bookmarks", StatusController, :bookmarks)
457 post("/statuses", StatusController, :create)
458 delete("/statuses/:id", StatusController, :delete)
459 post("/statuses/:id/reblog", StatusController, :reblog)
460 post("/statuses/:id/unreblog", StatusController, :unreblog)
461 post("/statuses/:id/favourite", StatusController, :favourite)
462 post("/statuses/:id/unfavourite", StatusController, :unfavourite)
463 post("/statuses/:id/pin", StatusController, :pin)
464 post("/statuses/:id/unpin", StatusController, :unpin)
465 post("/statuses/:id/bookmark", StatusController, :bookmark)
466 post("/statuses/:id/unbookmark", StatusController, :unbookmark)
467 post("/statuses/:id/mute", StatusController, :mute_conversation)
468 post("/statuses/:id/unmute", StatusController, :unmute_conversation)
470 post("/push/subscription", SubscriptionController, :create)
471 get("/push/subscription", SubscriptionController, :show)
472 put("/push/subscription", SubscriptionController, :update)
473 delete("/push/subscription", SubscriptionController, :delete)
475 get("/suggestions", SuggestionController, :index)
477 get("/timelines/home", TimelineController, :home)
478 get("/timelines/direct", TimelineController, :direct)
479 get("/timelines/list/:list_id", TimelineController, :list)
482 scope "/api/web", Pleroma.Web do
483 pipe_through(:authenticated_api)
485 # Backend-obscure settings blob for MastoFE, don't parse/reuse elsewhere
486 put("/settings", MastoFEController, :put_settings)
489 scope "/api/v1", Pleroma.Web.MastodonAPI do
492 get("/accounts/search", SearchController, :account_search)
493 get("/search", SearchController, :search)
495 get("/accounts/:id/statuses", AccountController, :statuses)
496 get("/accounts/:id/followers", AccountController, :followers)
497 get("/accounts/:id/following", AccountController, :following)
498 get("/accounts/:id", AccountController, :show)
500 post("/accounts", AccountController, :create)
502 get("/instance", InstanceController, :show)
503 get("/instance/peers", InstanceController, :peers)
505 post("/apps", AppController, :create)
507 get("/statuses", StatusController, :index)
508 get("/statuses/:id", StatusController, :show)
509 get("/statuses/:id/context", StatusController, :context)
510 get("/statuses/:id/card", StatusController, :card)
511 get("/statuses/:id/favourited_by", StatusController, :favourited_by)
512 get("/statuses/:id/reblogged_by", StatusController, :reblogged_by)
514 get("/custom_emojis", CustomEmojiController, :index)
516 get("/trends", MastodonAPIController, :empty_array)
518 get("/timelines/public", TimelineController, :public)
519 get("/timelines/tag/:tag", TimelineController, :hashtag)
521 get("/polls/:id", PollController, :show)
524 scope "/api/v2", Pleroma.Web.MastodonAPI do
526 get("/search", SearchController, :search2)
528 post("/media", MediaController, :create2)
531 scope "/api", Pleroma.Web do
532 pipe_through(:config)
534 get("/pleroma/frontend_configurations", TwitterAPI.UtilController, :frontend_configurations)
537 scope "/api", Pleroma.Web do
541 "/account/confirm_email/:user_id/:token",
542 TwitterAPI.Controller,
549 pipe_through(:base_api)
551 get("/openapi", OpenApiSpex.Plug.RenderSpec, [])
554 scope "/api", Pleroma.Web, as: :authenticated_twitter_api do
555 pipe_through(:authenticated_api)
557 get("/oauth_tokens", TwitterAPI.Controller, :oauth_tokens)
558 delete("/oauth_tokens/:id", TwitterAPI.Controller, :revoke_token)
561 "/qvitter/statuses/notifications/read",
562 TwitterAPI.Controller,
563 :mark_notifications_as_read
567 pipeline :ostatus_html_json do
568 plug(:accepts, ["html", "activity+json", "json"])
569 plug(Pleroma.Plugs.StaticFEPlug)
572 pipeline :ostatus_html_xml do
573 plug(:accepts, ["html", "xml", "rss", "atom"])
574 plug(Pleroma.Plugs.StaticFEPlug)
577 pipeline :ostatus_html_xml_json do
578 plug(:accepts, ["html", "xml", "rss", "atom", "activity+json", "json"])
579 plug(Pleroma.Plugs.StaticFEPlug)
582 scope "/", Pleroma.Web do
583 # Note: html format is supported only if static FE is enabled
584 pipe_through(:ostatus_html_json)
586 get("/objects/:uuid", OStatus.OStatusController, :object)
587 get("/activities/:uuid", OStatus.OStatusController, :activity)
588 get("/notice/:id", OStatus.OStatusController, :notice)
590 # Mastodon compatibility routes
591 get("/users/:nickname/statuses/:id", OStatus.OStatusController, :object)
592 get("/users/:nickname/statuses/:id/activity", OStatus.OStatusController, :activity)
595 scope "/", Pleroma.Web do
596 # Note: html format is supported only if static FE is enabled
597 pipe_through(:ostatus_html_xml_json)
599 # Note: for json format responds with user profile (not user feed)
600 get("/users/:nickname", Feed.UserController, :feed_redirect, as: :user_feed)
603 scope "/", Pleroma.Web do
604 # Note: html format is supported only if static FE is enabled
605 pipe_through(:ostatus_html_xml)
606 get("/users/:nickname/feed", Feed.UserController, :feed, as: :user_feed)
609 scope "/", Pleroma.Web do
610 pipe_through(:accepts_html)
611 get("/notice/:id/embed_player", OStatus.OStatusController, :notice_player)
614 scope "/", Pleroma.Web do
615 pipe_through(:accepts_xml_rss_atom)
616 get("/tags/:tag", Feed.TagController, :feed, as: :tag_feed)
619 scope "/", Pleroma.Web do
620 pipe_through(:browser)
621 get("/mailer/unsubscribe/:token", Mailer.SubscriptionController, :unsubscribe)
624 pipeline :ap_service_actor do
625 plug(:accepts, ["activity+json", "json"])
628 # Server to Server (S2S) AP interactions
629 pipeline :activitypub do
630 plug(:ap_service_actor)
631 plug(:http_signature)
634 # Client to Server (C2S) AP interactions
635 pipeline :activitypub_client do
636 plug(:ap_service_actor)
642 scope "/", Pleroma.Web.ActivityPub do
643 pipe_through([:activitypub_client])
645 get("/api/ap/whoami", ActivityPubController, :whoami)
646 get("/users/:nickname/inbox", ActivityPubController, :read_inbox)
648 get("/users/:nickname/outbox", ActivityPubController, :outbox)
649 post("/users/:nickname/outbox", ActivityPubController, :update_outbox)
650 post("/api/ap/upload_media", ActivityPubController, :upload_media)
652 # The following two are S2S as well, see `ActivityPub.fetch_follow_information_for_user/1`:
653 get("/users/:nickname/followers", ActivityPubController, :followers)
654 get("/users/:nickname/following", ActivityPubController, :following)
657 scope "/", Pleroma.Web.ActivityPub do
658 pipe_through(:activitypub)
659 post("/inbox", ActivityPubController, :inbox)
660 post("/users/:nickname/inbox", ActivityPubController, :inbox)
663 scope "/relay", Pleroma.Web.ActivityPub do
664 pipe_through(:ap_service_actor)
666 get("/", ActivityPubController, :relay)
669 pipe_through(:http_signature)
670 post("/inbox", ActivityPubController, :inbox)
673 get("/following", ActivityPubController, :relay_following)
674 get("/followers", ActivityPubController, :relay_followers)
677 scope "/internal/fetch", Pleroma.Web.ActivityPub do
678 pipe_through(:ap_service_actor)
680 get("/", ActivityPubController, :internal_fetch)
681 post("/inbox", ActivityPubController, :inbox)
684 scope "/.well-known", Pleroma.Web do
685 pipe_through(:well_known)
687 get("/host-meta", WebFinger.WebFingerController, :host_meta)
688 get("/webfinger", WebFinger.WebFingerController, :webfinger)
689 get("/nodeinfo", Nodeinfo.NodeinfoController, :schemas)
692 scope "/nodeinfo", Pleroma.Web do
693 get("/:version", Nodeinfo.NodeinfoController, :nodeinfo)
696 scope "/", Pleroma.Web do
699 get("/web/manifest.json", MastoFEController, :manifest)
702 scope "/", Pleroma.Web do
703 pipe_through(:mastodon_html)
705 get("/web/login", MastodonAPI.AuthController, :login)
706 delete("/auth/sign_out", MastodonAPI.AuthController, :logout)
708 post("/auth/password", MastodonAPI.AuthController, :password_reset)
710 get("/web/*path", MastoFEController, :index)
712 get("/embed/:id", EmbedController, :show)
715 scope "/proxy/", Pleroma.Web.MediaProxy do
716 get("/preview/:sig/:url", MediaProxyController, :preview)
717 get("/preview/:sig/:url/:filename", MediaProxyController, :preview)
718 get("/:sig/:url", MediaProxyController, :remote)
719 get("/:sig/:url/:filename", MediaProxyController, :remote)
722 if Pleroma.Config.get(:env) == :dev do
724 pipe_through([:mailbox_preview])
726 forward("/mailbox", Plug.Swoosh.MailboxPreview, base_path: "/dev/mailbox")
730 # Test-only routes needed to test action dispatching and plug chain execution
731 if Pleroma.Config.get(:env) == :test do
734 :fallback_oauth_check,
736 :fallback_oauth_skip_publicity_check,
737 :skip_oauth_skip_publicity_check,
738 :missing_oauth_check_definition
741 scope "/test/api", Pleroma.Tests do
744 for action <- @test_actions do
745 get("/#{action}", AuthTestController, action)
749 scope "/test/authenticated_api", Pleroma.Tests do
750 pipe_through(:authenticated_api)
752 for action <- @test_actions do
753 get("/#{action}", AuthTestController, action)
758 scope "/", Pleroma.Web.MongooseIM do
759 get("/user_exists", MongooseIMController, :user_exists)
760 get("/check_password", MongooseIMController, :check_password)
763 scope "/", Fallback do
764 get("/registration/:token", RedirectController, :registration_page)
765 get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta)
766 get("/api*path", RedirectController, :api_not_implemented)
767 get("/*path", RedirectController, :redirector_with_preload)
769 options("/*path", RedirectController, :empty)