defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
alias Pleroma.{UserInviteToken, User, Activity, Repo, Object}
+ alias Pleroma.{UserEmail, Mailer}
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.TwitterAPI.UserView
alias Pleroma.Web.CommonAPI
+
import Ecto.Query
def create_status(%User{} = user, %{"status" => _} = data) do
bio: User.parse_bio(params["bio"]),
email: params["email"],
password: params["password"],
- password_confirmation: params["confirm"]
+ password_confirmation: params["confirm"],
+ captcha_solution: params["captcha_solution"],
+ captcha_token: params["captcha_token"]
}
- registrations_open = Pleroma.Config.get([:instance, :registrations_open])
-
- # no need to query DB if registration is open
- token =
- unless registrations_open || is_nil(tokenString) do
- Repo.get_by(UserInviteToken, %{token: tokenString})
+ captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled])
+ # true if captcha is disabled or enabled and valid, false otherwise
+ captcha_ok =
+ if !captcha_enabled do
+ true
+ else
+ Pleroma.Captcha.validate(params[:captcha_token], params[:captcha_solution])
end
- cond do
- registrations_open || (!is_nil(token) && !token.used) ->
- changeset = User.register_changeset(%User{info: %{}}, params)
-
- with {:ok, user} <- Repo.insert(changeset) do
- !registrations_open && UserInviteToken.mark_as_used(token.token)
- {:ok, user}
- else
- {:error, changeset} ->
- errors =
- Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
- |> Jason.encode!()
+ # Captcha invalid
+ if not captcha_ok do
+ # I have no idea how this error handling works
+ {:error, %{error: Jason.encode!(%{captcha: ["Invalid CAPTCHA"]})}}
+ else
+ registrations_open = Pleroma.Config.get([:instance, :registrations_open])
- {:error, %{error: errors}}
+ # no need to query DB if registration is open
+ token =
+ unless registrations_open || is_nil(tokenString) do
+ Repo.get_by(UserInviteToken, %{token: tokenString})
end
- !registrations_open && is_nil(token) ->
- {:error, "Invalid token"}
+ cond do
+ registrations_open || (!is_nil(token) && !token.used) ->
+ changeset = User.register_changeset(%User{}, params)
+
+ with {:ok, user} <- User.register(changeset) do
+ !registrations_open && UserInviteToken.mark_as_used(token.token)
+
+ {:ok, user}
+ else
+ {:error, changeset} ->
+ errors =
+ Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
+ |> Jason.encode!()
+
+ {:error, %{error: errors}}
+ end
+
+ !registrations_open && is_nil(token) ->
+ {:error, "Invalid token"}
+
+ !registrations_open && token.used ->
+ {:error, "Expired token"}
+ end
+ end
+ end
+
+ def password_reset(nickname_or_email) do
+ with true <- is_binary(nickname_or_email),
+ %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email),
+ {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
+ user
+ |> UserEmail.password_reset_email(token_record.token)
+ |> Mailer.deliver()
+ else
+ false ->
+ {:error, "bad user identifier"}
+
+ %User{local: false} ->
+ {:error, "remote user"}
- !registrations_open && token.used ->
- {:error, "Expired token"}
+ nil ->
+ {:error, "unknown user"}
end
end