defp recipient(email, nil), do: email
defp recipient(email, name), do: {name, email}
+ defp recipient(%Pleroma.User{} = user), do: recipient(user.email, user.name)
def password_reset_email(user, password_reset_token) when is_binary(password_reset_token) do
password_reset_url =
"""
new()
- |> to(recipient(user.email, user.name))
+ |> to(recipient(user))
|> from(sender())
|> subject("Password reset")
|> html_body(html_body)
|> subject("Invitation to #{instance_name()}")
|> html_body(html_body)
end
+
+ def account_confirmation_email(user) do
+ confirmation_url =
+ Router.Helpers.confirm_email_url(
+ Endpoint,
+ :confirm_email,
+ to_string(user.info.confirmation_token)
+ )
+
+ html_body = """
+ <h3>Welcome to #{instance_name()}!</h3>
+ <p>Email confirmation is required to activate the account.</p>
+ <p>Click the following link to proceed: <a href="#{confirmation_url}">activate your account</a>.</p>
+ """
+
+ new()
+ |> to(recipient(user))
+ |> from(sender())
+ |> subject("#{instance_name()} account confirmation")
+ |> html_body(html_body)
+ end
end
timestamps()
end
+ def auth_active?(user), do: user.info && !user.info.confirmation_pending
+
def avatar_url(user) do
case user.avatar do
%{"url" => [%{"href" => href} | _]} -> href
])
end
+ def confirmation_update(info, :confirmed) do
+ confirmation_update(info, %{
+ confirmation_pending: false,
+ confirmation_token: nil
+ })
+ end
+
+ def confirmation_update(info, :unconfirmed) do
+ confirmation_update(info, %{
+ confirmation_pending: true,
+ confirmation_token: :crypto.strong_rand_bytes(32) |> Base.url_encode64()
+ })
+ end
+
def confirmation_update(info, params) do
cast(info, params, [:confirmation_pending, :confirmation_token])
end
}) do
with %User{} = user <- User.get_by_nickname_or_email(name),
true <- Pbkdf2.checkpw(password, user.password_hash),
+ true <- User.auth_active?(user),
%App{} = app <- Repo.get_by(App, client_id: client_id),
{:ok, auth} <- Authorization.create_authorization(app, user) do
# Special case: Local MastodonFE.
with %App{} = app <- get_app_from_request(conn, params),
%User{} = user <- User.get_by_nickname_or_email(name),
true <- Pbkdf2.checkpw(password, user.password_hash),
+ true <- User.auth_active?(user),
{:ok, auth} <- Authorization.create_authorization(app, user),
{:ok, token} <- Token.exchange_token(app, auth) do
response = %{
post("/account/register", TwitterAPI.Controller, :register)
post("/account/password_reset", TwitterAPI.Controller, :password_reset)
- get("/account/confirm_email/:token", TwitterAPI.Controller, :confirm_email)
+
+ get("/account/confirm_email/:token", TwitterAPI.Controller, :confirm_email, as: :confirm_email)
get("/search", TwitterAPI.Controller, :search)
get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline)
closed: if(Keyword.get(instance, :registrations_open), do: "0", else: "1"),
private: if(Keyword.get(instance, :public, true), do: "0", else: "1"),
vapidPublicKey: vapid_public_key,
+ accountActivationRequired:
+ if(Keyword.get(instance, :account_activation_required, false), do: "1", else: "0"),
invitesEnabled: if(Keyword.get(instance, :invites_enabled, false), do: "1", else: "0")
}
defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
alias Pleroma.{UserInviteToken, User, Activity, Repo, Object}
+ alias Pleroma.{UserEmail, Mailer}
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.TwitterAPI.UserView
alias Pleroma.Web.CommonAPI
+
import Ecto.Query
def create_status(%User{} = user, %{"status" => _} = data) do
with {:ok, user} <- Repo.insert(changeset) do
!registrations_open && UserInviteToken.mark_as_used(token.token)
+
+ if Pleroma.Config.get([:instance, :account_activation_required]) do
+ info_change = User.Info.confirmation_update(user.info, :unconfirmed)
+
+ {:ok, unconfirmed_user} =
+ user
+ |> Ecto.Changeset.change()
+ |> Ecto.Changeset.put_embed(:info, info_change)
+ |> Repo.update()
+
+ {:ok, _} =
+ unconfirmed_user
+ |> UserEmail.account_confirmation_email()
+ |> Mailer.deliver()
+ end
+
{:ok, user}
else
{:error, changeset} ->
%User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email),
{:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
user
- |> Pleroma.UserEmail.password_reset_email(token_record.token)
- |> Pleroma.Mailer.deliver()
+ |> UserEmail.password_reset_email(token_record.token)
+ |> Mailer.deliver()
else
false ->
{:error, "bad user identifier"}
require Logger
plug(:only_if_public_instance when action in [:public_timeline, :public_and_external_timeline])
+ plug(:fetch_flash when action in [:confirm_email])
action_fallback(:errors)
def verify_credentials(%{assigns: %{user: user}} = conn, _params) do
def confirm_email(conn, %{"token" => token}) do
with %User{} = user <- User.get_by_confirmation_token(token),
true <- user.local,
- new_info_fields <- %{confirmation_pending: false, confirmation_token: nil},
- info_change <- User.Info.confirmation_update(user.info, new_info_fields),
+ info_change <- User.Info.confirmation_update(user.info, :confirmed),
changeset <- Changeset.change(user) |> Changeset.put_embed(:info, info_change),
{:ok, _} <- User.update_and_set_cache(changeset) do
conn
projects / akkoma / commitdiff