X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Ftwitter_api%2Ftwitter_api.ex;h=90b8345c5414639e06e3dc22fc8038c96d890a04;hb=3d980daa49e51c7e3ec1f019e2b68c8108b37c76;hp=9c485d965592b8d2b587414b3637848218a109c7;hpb=b0adea30b38713e70039475acdd3defbef57171a;p=akkoma

diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex
index 9c485d965..90b8345c5 100644
--- a/lib/pleroma/web/twitter_api/twitter_api.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api.ex
@@ -2,18 +2,15 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
   alias Pleroma.{UserInviteToken, User, Activity, Repo, Object}
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.TwitterAPI.UserView
-  alias Pleroma.Web.{OStatus, CommonAPI}
-  alias Pleroma.Web.MediaProxy
+  alias Pleroma.Web.CommonAPI
   import Ecto.Query
 
-  @httpoison Application.get_env(:pleroma, :httpoison)
-
   def create_status(%User{} = user, %{"status" => _} = data) do
     CommonAPI.post(user, data)
   end
 
   def delete(%User{} = user, id) do
-    with %Activity{data: %{"type" => type}} <- Repo.get(Activity, id),
+    with %Activity{data: %{"type" => _type}} <- Repo.get(Activity, id),
          {:ok, activity} <- CommonAPI.delete(id, user) do
       {:ok, activity}
     end
@@ -37,7 +34,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
 
   def unfollow(%User{} = follower, params) do
     with {:ok, %User{} = unfollowed} <- get_user(params),
-         {:ok, follower, follow_activity} <- User.unfollow(follower, unfollowed),
+         {:ok, follower, _follow_activity} <- User.unfollow(follower, unfollowed),
          {:ok, _activity} <- ActivityPub.unfollow(follower, unfollowed) do
       {:ok, follower, unfollowed}
     else
@@ -135,38 +132,74 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
       bio: User.parse_bio(params["bio"]),
       email: params["email"],
       password: params["password"],
-      password_confirmation: params["confirm"]
+      password_confirmation: params["confirm"],
+      captcha_solution: params["captcha_solution"],
+      captcha_token: params["captcha_token"]
     }
 
-    registrations_open = Pleroma.Config.get([:instance, :registrations_open])
-
-    # no need to query DB if registration is open
-    token =
-      unless registrations_open || is_nil(tokenString) do
-        Repo.get_by(UserInviteToken, %{token: tokenString})
+    captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled])
+    # true if captcha is disabled or enabled and valid, false otherwise
+    captcha_ok =
+      if !captcha_enabled do
+        true
+      else
+        Pleroma.Captcha.validate(params[:captcha_token], params[:captcha_solution])
       end
 
-    cond do
-      registrations_open || (!is_nil(token) && !token.used) ->
-        changeset = User.register_changeset(%User{info: %{}}, params)
-
-        with {:ok, user} <- Repo.insert(changeset) do
-          !registrations_open && UserInviteToken.mark_as_used(token.token)
-          {:ok, user}
-        else
-          {:error, changeset} ->
-            errors =
-              Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
-              |> Jason.encode!()
+    # Captcha invalid
+    if not captcha_ok do
+      # I have no idea how this error handling works
+      {:error, %{error: Jason.encode!(%{captcha: ["Invalid CAPTCHA"]})}}
+    else
+      registrations_open = Pleroma.Config.get([:instance, :registrations_open])
 
-            {:error, %{error: errors}}
+      # no need to query DB if registration is open
+      token =
+        unless registrations_open || is_nil(tokenString) do
+          Repo.get_by(UserInviteToken, %{token: tokenString})
         end
 
-      !registrations_open && is_nil(token) ->
-        {:error, "Invalid token"}
+      cond do
+        registrations_open || (!is_nil(token) && !token.used) ->
+          changeset = User.register_changeset(%User{info: %{}}, params)
+
+          with {:ok, user} <- Repo.insert(changeset) do
+            !registrations_open && UserInviteToken.mark_as_used(token.token)
+            {:ok, user}
+          else
+            {:error, changeset} ->
+              errors =
+                Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
+                |> Jason.encode!()
+
+              {:error, %{error: errors}}
+          end
+
+        !registrations_open && is_nil(token) ->
+          {:error, "Invalid token"}
 
-      !registrations_open && token.used ->
-        {:error, "Expired token"}
+        !registrations_open && token.used ->
+          {:error, "Expired token"}
+      end
+    end
+  end
+
+  def password_reset(nickname_or_email) do
+    with true <- is_binary(nickname_or_email),
+         %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email),
+         {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
+      user
+      |> Pleroma.UserEmail.password_reset_email(token_record.token)
+      |> Pleroma.Mailer.deliver()
+    else
+      false ->
+        {:error, "bad user identifier"}
+
+      %User{local: false} ->
+        {:error, "remote user"}
+
+      nil ->
+        {:error, "unknown user"}
     end
   end
 
@@ -244,10 +277,6 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
     _activities = Repo.all(q)
   end
 
-  defp make_date do
-    DateTime.utc_now() |> DateTime.to_iso8601()
-  end
-
   # DEPRECATED mostly, context objects are now created at insertion time.
   def context_to_conversation_id(context) do
     with %Object{id: id} <- Object.get_cached_by_ap_id(context) do