X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Frouter.ex;h=68e7a44b623ea704b965ebeb394750a6cab2ce59;hb=6096846f5f33e1e81ef72c0f97b30c2745426c5d;hp=ad97698ddf3f888641b8e2df0ab5573d1746edaa;hpb=46486595ff96e0af0c3193e60879a8e67f77b933;p=akkoma diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index ad97698dd..68e7a44b6 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -1,3 +1,7 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.Router do use Pleroma.Web, :router @@ -38,6 +42,7 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Plugs.SessionAuthenticationPlug) plug(Pleroma.Plugs.LegacyAuthenticationPlug) plug(Pleroma.Plugs.AuthenticationPlug) + plug(Pleroma.Plugs.AdminSecretAuthenticationPlug) plug(Pleroma.Plugs.UserEnabledPlug) plug(Pleroma.Plugs.SetUserSessionIdPlug) plug(Pleroma.Plugs.EnsureAuthenticatedPlug) @@ -85,11 +90,26 @@ defmodule Pleroma.Web.Router do plug(:accepts, ["html", "json"]) end + pipeline :mailbox_preview do + plug(:accepts, ["html"]) + + plug(:put_secure_browser_headers, %{ + "content-security-policy" => + "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'" + }) + end + scope "/api/pleroma", Pleroma.Web.TwitterAPI do pipe_through(:pleroma_api) get("/password_reset/:token", UtilController, :show_password_reset) post("/password_reset", UtilController, :password_reset) get("/emoji", UtilController, :emoji) + get("/captcha", UtilController, :captcha) + end + + scope "/api/pleroma", Pleroma.Web do + pipe_through(:pleroma_api) + post("/uploader_callback/:upload_path", UploaderController, :callback) end scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do @@ -108,6 +128,8 @@ defmodule Pleroma.Web.Router do delete("/relay", AdminAPIController, :relay_unfollow) get("/invite_token", AdminAPIController, :get_invite_token) + post("/email_invite", AdminAPIController, :email_invite) + get("/password_reset", AdminAPIController, :get_password_reset) end @@ -120,6 +142,7 @@ defmodule Pleroma.Web.Router do scope "/api/pleroma", Pleroma.Web.TwitterAPI do pipe_through(:authenticated_api) + post("/blocks_import", UtilController, :blocks_import) post("/follow_import", UtilController, :follow_import) post("/change_password", UtilController, :change_password) post("/delete_account", UtilController, :delete_account) @@ -170,6 +193,8 @@ defmodule Pleroma.Web.Router do post("/statuses/:id/unreblog", MastodonAPIController, :unreblog_status) post("/statuses/:id/favourite", MastodonAPIController, :fav_status) post("/statuses/:id/unfavourite", MastodonAPIController, :unfav_status) + post("/statuses/:id/pin", MastodonAPIController, :pin_status) + post("/statuses/:id/unpin", MastodonAPIController, :unpin_status) post("/notifications/clear", MastodonAPIController, :clear_notifications) post("/notifications/dismiss", MastodonAPIController, :dismiss_notification) @@ -227,7 +252,7 @@ defmodule Pleroma.Web.Router do get("/statuses/:id", MastodonAPIController, :get_status) get("/statuses/:id/context", MastodonAPIController, :get_context) - get("/statuses/:id/card", MastodonAPIController, :empty_object) + get("/statuses/:id/card", MastodonAPIController, :status_card) get("/statuses/:id/favourited_by", MastodonAPIController, :favourited_by) get("/statuses/:id/reblogged_by", MastodonAPIController, :reblogged_by) @@ -264,10 +289,21 @@ defmodule Pleroma.Web.Router do get("/statuses/followers", TwitterAPI.Controller, :followers) get("/statuses/friends", TwitterAPI.Controller, :friends) + get("/statuses/blocks", TwitterAPI.Controller, :blocks) get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status) get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation) post("/account/register", TwitterAPI.Controller, :register) + post("/account/password_reset", TwitterAPI.Controller, :password_reset) + + get( + "/account/confirm_email/:user_id/:token", + TwitterAPI.Controller, + :confirm_email, + as: :confirm_email + ) + + post("/account/resend_confirmation_email", TwitterAPI.Controller, :resend_confirmation_email) get("/search", TwitterAPI.Controller, :search) get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline) @@ -318,6 +354,9 @@ defmodule Pleroma.Web.Router do post("/statuses/unretweet/:id", TwitterAPI.Controller, :unretweet) post("/statuses/destroy/:id", TwitterAPI.Controller, :delete_post) + post("/statuses/pin/:id", TwitterAPI.Controller, :pin) + post("/statuses/unpin/:id", TwitterAPI.Controller, :unpin) + get("/pleroma/friend_requests", TwitterAPI.Controller, :friend_requests) post("/pleroma/friendships/approve", TwitterAPI.Controller, :approve_friend_request) post("/pleroma/friendships/deny", TwitterAPI.Controller, :deny_friend_request) @@ -391,6 +430,28 @@ defmodule Pleroma.Web.Router do get("/users/:nickname/followers", ActivityPubController, :followers) get("/users/:nickname/following", ActivityPubController, :following) get("/users/:nickname/outbox", ActivityPubController, :outbox) + get("/objects/:uuid/likes", ActivityPubController, :object_likes) + end + + pipeline :activitypub_client do + plug(:accepts, ["activity+json"]) + plug(:fetch_session) + plug(Pleroma.Plugs.OAuthPlug) + plug(Pleroma.Plugs.BasicAuthDecoderPlug) + plug(Pleroma.Plugs.UserFetcherPlug) + plug(Pleroma.Plugs.SessionAuthenticationPlug) + plug(Pleroma.Plugs.LegacyAuthenticationPlug) + plug(Pleroma.Plugs.AuthenticationPlug) + plug(Pleroma.Plugs.UserEnabledPlug) + plug(Pleroma.Plugs.SetUserSessionIdPlug) + plug(Pleroma.Plugs.EnsureUserKeyPlug) + end + + scope "/", Pleroma.Web.ActivityPub do + pipe_through([:activitypub_client]) + + get("/users/:nickname/inbox", ActivityPubController, :read_inbox) + post("/users/:nickname/outbox", ActivityPubController, :update_outbox) end scope "/relay", Pleroma.Web.ActivityPub do @@ -434,8 +495,17 @@ defmodule Pleroma.Web.Router do get("/:sig/:url/:filename", MediaProxyController, :remote) end + if Mix.env() == :dev do + scope "/dev" do + pipe_through([:mailbox_preview]) + + forward("/mailbox", Plug.Swoosh.MailboxPreview, base_path: "/dev/mailbox") + end + end + scope "/", Fallback do get("/registration/:token", RedirectController, :registration_page) + get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta) get("/*path", RedirectController, :redirector) options("/*path", RedirectController, :empty) @@ -445,11 +515,21 @@ end defmodule Fallback.RedirectController do use Pleroma.Web, :controller alias Pleroma.Web.Metadata + alias Pleroma.User - def redirector(conn, _params) do + def redirector(conn, _params, code \\ 200) do conn |> put_resp_content_type("text/html") - |> send_file(200, index_file_path()) + |> send_file(code, index_file_path()) + end + + def redirector_with_meta(conn, %{"maybe_nickname_or_id" => maybe_nickname_or_id} = params) do + with %User{} = user <- User.get_cached_by_nickname_or_id(maybe_nickname_or_id) do + redirector_with_meta(conn, %{user: user}) + else + nil -> + redirector(conn, params) + end end def redirector_with_meta(conn, params) do @@ -463,7 +543,7 @@ defmodule Fallback.RedirectController do end def index_file_path do - Application.app_dir(:pleroma, "priv/static/index.html") + Pleroma.Plugs.InstanceStatic.file_path("index.html") end def registration_page(conn, params) do