2018-12-23 13:04:54 -07:00
|
|
|
# Pleroma: A lightweight social networking server
|
2020-02-27 06:27:49 -07:00
|
|
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
2018-12-23 13:04:54 -07:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2017-03-21 10:53:20 -06:00
|
|
|
defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
|
2020-04-29 10:48:08 -06:00
|
|
|
import Pleroma.Web.Gettext
|
|
|
|
|
2019-04-09 22:05:05 -06:00
|
|
|
alias Pleroma.Emails.Mailer
|
2019-04-09 22:14:37 -06:00
|
|
|
alias Pleroma.Emails.UserEmail
|
2020-07-16 19:25:53 -06:00
|
|
|
alias Pleroma.HTML
|
2019-02-09 08:16:26 -07:00
|
|
|
alias Pleroma.Repo
|
2019-03-04 19:52:23 -07:00
|
|
|
alias Pleroma.User
|
|
|
|
alias Pleroma.UserInviteToken
|
2017-03-21 10:53:20 -06:00
|
|
|
|
2019-05-13 12:35:45 -06:00
|
|
|
def register_user(params, opts \\ []) do
|
2020-04-03 12:45:08 -06:00
|
|
|
params =
|
|
|
|
params
|
2020-04-29 10:48:08 -06:00
|
|
|
|> Map.take([:email, :token, :password])
|
|
|
|
|> Map.put(:bio, params |> Map.get(:bio, "") |> User.parse_bio())
|
|
|
|
|> Map.put(:nickname, params[:username])
|
|
|
|
|> Map.put(:name, Map.get(params, :fullname, params[:username]))
|
|
|
|
|> Map.put(:password_confirmation, params[:password])
|
2020-07-16 19:25:53 -06:00
|
|
|
|> Map.put(:registration_reason, HTML.strip_tags(params[:reason]))
|
2017-04-16 02:25:27 -06:00
|
|
|
|
2020-04-29 10:48:08 -06:00
|
|
|
if Pleroma.Config.get([:instance, :registrations_open]) do
|
|
|
|
create_user(params, opts)
|
2018-12-14 15:31:19 -07:00
|
|
|
else
|
2020-04-29 10:48:08 -06:00
|
|
|
create_user_with_invite(params, opts)
|
2020-04-03 12:45:08 -06:00
|
|
|
end
|
2019-05-13 12:35:45 -06:00
|
|
|
end
|
|
|
|
|
2020-04-03 12:45:08 -06:00
|
|
|
defp create_user_with_invite(params, opts) do
|
|
|
|
with %{token: token} when is_binary(token) <- params,
|
|
|
|
%UserInviteToken{} = invite <- Repo.get_by(UserInviteToken, %{token: token}),
|
|
|
|
true <- UserInviteToken.valid_invite?(invite) do
|
|
|
|
UserInviteToken.update_usage!(invite)
|
|
|
|
create_user(params, opts)
|
|
|
|
else
|
|
|
|
nil -> {:error, "Invalid token"}
|
|
|
|
_ -> {:error, "Expired token"}
|
2019-04-06 04:18:59 -06:00
|
|
|
end
|
|
|
|
end
|
2018-12-14 15:31:19 -07:00
|
|
|
|
2019-05-13 12:35:45 -06:00
|
|
|
defp create_user(params, opts) do
|
|
|
|
changeset = User.register_changeset(%User{}, params, opts)
|
2018-12-14 15:31:19 -07:00
|
|
|
|
2019-04-06 04:18:59 -06:00
|
|
|
case User.register(changeset) do
|
|
|
|
{:ok, user} ->
|
2020-07-14 19:31:20 -06:00
|
|
|
maybe_notify_admins(user)
|
2019-04-06 04:18:59 -06:00
|
|
|
{:ok, user}
|
2018-03-30 07:01:53 -06:00
|
|
|
|
2019-04-06 04:18:59 -06:00
|
|
|
{:error, changeset} ->
|
|
|
|
errors =
|
2020-04-29 10:48:08 -06:00
|
|
|
changeset
|
|
|
|
|> Ecto.Changeset.traverse_errors(fn {msg, _opts} -> msg end)
|
2019-04-06 04:18:59 -06:00
|
|
|
|> Jason.encode!()
|
|
|
|
|
2020-04-29 10:48:08 -06:00
|
|
|
{:error, errors}
|
2017-04-16 02:25:27 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-07-14 19:31:20 -06:00
|
|
|
defp maybe_notify_admins(%User{} = account) do
|
|
|
|
if Pleroma.Config.get([:instance, :account_approval_required]) do
|
|
|
|
User.all_superusers()
|
|
|
|
|> Enum.filter(fn user -> not is_nil(user.email) end)
|
|
|
|
|> Enum.each(fn superuser ->
|
|
|
|
superuser
|
|
|
|
|> Pleroma.Emails.AdminEmail.new_unapproved_registration(account)
|
|
|
|
|> Pleroma.Emails.Mailer.deliver_async()
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-12-13 03:17:49 -07:00
|
|
|
def password_reset(nickname_or_email) do
|
|
|
|
with true <- is_binary(nickname_or_email),
|
2020-04-29 10:48:08 -06:00
|
|
|
%User{local: true, email: email} = user when is_binary(email) <-
|
2020-02-27 06:27:49 -07:00
|
|
|
User.get_by_nickname_or_email(nickname_or_email),
|
2018-12-13 03:17:49 -07:00
|
|
|
{:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
|
|
|
|
user
|
2018-12-17 07:28:58 -07:00
|
|
|
|> UserEmail.password_reset_email(token_record.token)
|
2019-02-20 09:51:25 -07:00
|
|
|
|> Mailer.deliver_async()
|
2019-07-17 12:09:31 -06:00
|
|
|
|
|
|
|
{:ok, :enqueued}
|
2018-12-13 03:17:49 -07:00
|
|
|
else
|
|
|
|
false ->
|
|
|
|
{:error, "bad user identifier"}
|
|
|
|
|
2020-02-27 06:27:49 -07:00
|
|
|
%User{local: true, email: nil} ->
|
|
|
|
{:ok, :noop}
|
|
|
|
|
2018-12-13 03:17:49 -07:00
|
|
|
%User{local: false} ->
|
|
|
|
{:error, "remote user"}
|
|
|
|
|
|
|
|
nil ->
|
|
|
|
{:error, "unknown user"}
|
|
|
|
end
|
|
|
|
end
|
2020-04-29 10:48:08 -06:00
|
|
|
|
|
|
|
def validate_captcha(app, params) do
|
|
|
|
if app.trusted || not Pleroma.Captcha.enabled?() do
|
|
|
|
:ok
|
|
|
|
else
|
|
|
|
do_validate_captcha(params)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
defp do_validate_captcha(params) do
|
|
|
|
with :ok <- validate_captcha_presence(params),
|
|
|
|
:ok <-
|
|
|
|
Pleroma.Captcha.validate(
|
|
|
|
params[:captcha_token],
|
|
|
|
params[:captcha_solution],
|
|
|
|
params[:captcha_answer_data]
|
|
|
|
) do
|
|
|
|
:ok
|
|
|
|
else
|
|
|
|
{:error, :captcha_error} ->
|
|
|
|
captcha_error(dgettext("errors", "CAPTCHA Error"))
|
|
|
|
|
|
|
|
{:error, :invalid} ->
|
|
|
|
captcha_error(dgettext("errors", "Invalid CAPTCHA"))
|
|
|
|
|
|
|
|
{:error, :kocaptcha_service_unavailable} ->
|
|
|
|
captcha_error(dgettext("errors", "Kocaptcha service unavailable"))
|
|
|
|
|
|
|
|
{:error, :expired} ->
|
|
|
|
captcha_error(dgettext("errors", "CAPTCHA expired"))
|
|
|
|
|
|
|
|
{:error, :already_used} ->
|
|
|
|
captcha_error(dgettext("errors", "CAPTCHA already used"))
|
|
|
|
|
|
|
|
{:error, :invalid_answer_data} ->
|
|
|
|
captcha_error(dgettext("errors", "Invalid answer data"))
|
|
|
|
|
|
|
|
{:error, error} ->
|
|
|
|
captcha_error(error)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
defp validate_captcha_presence(params) do
|
|
|
|
[:captcha_solution, :captcha_token, :captcha_answer_data]
|
|
|
|
|> Enum.find_value(:ok, fn key ->
|
|
|
|
unless is_binary(params[key]) do
|
|
|
|
error = dgettext("errors", "Invalid CAPTCHA (Missing parameter: %{name})", name: key)
|
|
|
|
{:error, error}
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
|
|
|
# For some reason FE expects error message to be a serialized JSON
|
|
|
|
defp captcha_error(error), do: {:error, Jason.encode!(%{captcha: [error]})}
|
2017-03-21 10:53:20 -06:00
|
|
|
end
|