1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.TwitterAPI.Controller do
6 use Pleroma.Web, :controller
8 alias Pleroma.Notification
9 alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
10 alias Pleroma.Plugs.OAuthScopesPlug
12 alias Pleroma.Web.OAuth.Token
13 alias Pleroma.Web.TwitterAPI.TokenView
19 %{scopes: ["write:notifications"]} when action == :mark_notifications_as_read
24 [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] when action == :confirm_email
27 plug(:skip_plug, OAuthScopesPlug when action in [:oauth_tokens, :revoke_token])
29 action_fallback(:errors)
31 def confirm_email(conn, %{"user_id" => uid, "token" => token}) do
32 with %User{} = user <- User.get_cached_by_id(uid),
33 true <- user.local and user.confirmation_pending and user.confirmation_token == token,
36 |> User.confirmation_changeset(need_confirmation: false)
37 |> User.update_and_set_cache() do
38 User.post_register_action(user)
39 redirect(conn, to: "/")
43 def oauth_tokens(%{assigns: %{user: user}} = conn, _params) do
44 with oauth_tokens <- Token.get_user_tokens(user) do
46 |> put_view(TokenView)
47 |> render("index.json", %{tokens: oauth_tokens})
51 def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
52 Token.delete_user_token(user, id)
54 json_reply(conn, 201, "")
57 defp errors(conn, {:param_cast, _}) do
60 |> json("Invalid parameters")
63 defp errors(conn, _) do
66 |> json("Something went wrong")
69 defp json_reply(conn, status, json) do
71 |> put_resp_content_type("application/json")
72 |> send_resp(status, json)
75 def mark_notifications_as_read(
76 %{assigns: %{user: user}} = conn,
77 %{"latest_id" => latest_id} = params
79 Notification.set_read_up_to(user, latest_id)
81 notifications = Notification.for_user(user, params)
84 # XXX: This is a hack because pleroma-fe still uses that API.
85 |> put_view(Pleroma.Web.MastodonAPI.NotificationView)
86 |> render("index.json", %{notifications: notifications, for: user})
89 def mark_notifications_as_read(%{assigns: %{user: _user}} = conn, _) do
90 bad_request_reply(conn, "You need to specify latest_id")
93 defp bad_request_reply(conn, error_message) do
94 json = error_json(conn, error_message)
95 json_reply(conn, 400, json)
98 defp error_json(conn, error_message) do
99 %{"error" => error_message, "request" => conn.request_path} |> Jason.encode!()