Merge remote-tracking branch 'origin/develop' into global-status-expiration
[akkoma] / lib / pleroma / web / mastodon_api / controllers / app_controller.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.MastodonAPI.AppController do
6 use Pleroma.Web, :controller
7
8 alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
9 alias Pleroma.Plugs.OAuthScopesPlug
10 alias Pleroma.Repo
11 alias Pleroma.Web.OAuth.App
12 alias Pleroma.Web.OAuth.Scopes
13 alias Pleroma.Web.OAuth.Token
14
15 action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
16
17 plug(
18 :skip_plug,
19 [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug]
20 when action == :create
21 )
22
23 plug(OAuthScopesPlug, %{scopes: ["read"]} when action == :verify_credentials)
24
25 plug(Pleroma.Web.ApiSpec.CastAndValidate)
26
27 @local_mastodon_name "Mastodon-Local"
28
29 defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.AppOperation
30
31 @doc "POST /api/v1/apps"
32 def create(%{body_params: params} = conn, _params) do
33 scopes = Scopes.fetch_scopes(params, ["read"])
34
35 app_attrs =
36 params
37 |> Map.take([:client_name, :redirect_uris, :website])
38 |> Map.put(:scopes, scopes)
39
40 with cs <- App.register_changeset(%App{}, app_attrs),
41 false <- cs.changes[:client_name] == @local_mastodon_name,
42 {:ok, app} <- Repo.insert(cs) do
43 render(conn, "show.json", app: app)
44 end
45 end
46
47 @doc "GET /api/v1/apps/verify_credentials"
48 def verify_credentials(%{assigns: %{user: _user, token: token}} = conn, _) do
49 with %Token{app: %App{} = app} <- Repo.preload(token, :app) do
50 render(conn, "short.json", app: app)
51 end
52 end
53 end