X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Ftwitter_api%2Ftwitter_api.ex;h=ecf81d492799aaa1fa179ef1ccbbbef9ce75779f;hb=b73a1a33de76dc848037a5d0e951866bd21f92c4;hp=c9e8fbcbb4d0825abb3ff0ad60f854786406903d;hpb=a2399c1c7c17ee1c8e85ae0b6095405c7cb9f6f1;p=akkoma diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index c9e8fbcbb..ecf81d492 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -1,8 +1,14 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.TwitterAPI.TwitterAPI do alias Pleroma.{UserInviteToken, User, Activity, Repo, Object} + alias Pleroma.{UserEmail, Mailer} alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.TwitterAPI.UserView alias Pleroma.Web.CommonAPI + import Ecto.Query def create_status(%User{} = user, %{"status" => _} = data) do @@ -134,44 +140,59 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do password: params["password"], password_confirmation: params["confirm"], captcha_solution: params["captcha_solution"], - captcha_token: params["captcha_token"] + captcha_token: params["captcha_token"], + captcha_answer_data: params["captcha_answer_data"] } + captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled]) + # true if captcha is disabled or enabled and valid, false otherwise + captcha_ok = + if !captcha_enabled do + :ok + else + Pleroma.Captcha.validate( + params[:captcha_token], + params[:captcha_solution], + params[:captcha_answer_data] + ) + end + # Captcha invalid - if not Pleroma.Captcha.validate(params[:captcha_token], params[:captcha_solution]) do + if captcha_ok != :ok do + {:error, error} = captcha_ok # I have no idea how this error handling works - {:error, %{error: Jason.encode!(%{captcha: ["Invalid CAPTCHA"]})}} + {:error, %{error: Jason.encode!(%{captcha: [error]})}} else registrations_open = Pleroma.Config.get([:instance, :registrations_open]) # no need to query DB if registration is open token = unless registrations_open || is_nil(tokenString) do - Repo.get_by(UserInviteToken, %{token: tokenString}) - end + Repo.get_by(UserInviteToken, %{token: tokenString}) + end cond do registrations_open || (!is_nil(token) && !token.used) -> - changeset = User.register_changeset(%User{info: %{}}, params) + changeset = User.register_changeset(%User{}, params) - with {:ok, user} <- Repo.insert(changeset) do + with {:ok, user} <- User.register(changeset) do !registrations_open && UserInviteToken.mark_as_used(token.token) + {:ok, user} else {:error, changeset} -> errors = - Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end) - |> Jason.encode!() + Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end) + |> Jason.encode!() - {:error, %{error: errors}} + {:error, %{error: errors}} end - !registrations_open && is_nil(token) -> - {:error, "Invalid token"} + {:error, "Invalid token"} !registrations_open && token.used -> - {:error, "Expired token"} + {:error, "Expired token"} end end end @@ -181,8 +202,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email), {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do user - |> Pleroma.UserEmail.password_reset_email(token_record.token) - |> Pleroma.Mailer.deliver() + |> UserEmail.password_reset_email(token_record.token) + |> Mailer.deliver() else false -> {:error, "bad user identifier"}