hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

mastoapi password reset

Browse source 
added rate limit to password reset

configure rate limit in runtime
This commit is contained in:
Alexander Strizhakov 2019-07-16 21:44:50 +00:00 committed by kaniini
commit 10f82c88b8
8 changed files with 90 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

17
lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
View file

@ -73,6 +73,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
plug(RateLimiter, :statuses_actions when action in @rate_limited_status_actions)
plug(RateLimiter, :app_account_creation when action == :account_register)
plug(RateLimiter, :search when action in [:search, :search2, :account_search])
plug(RateLimiter, :password_reset when action == :password_reset)
@local_mastodon_name "Mastodon-Local"
@ -1816,6 +1817,22 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
end
end
def password_reset(conn, params) do
nickname_or_email = params["email"] || params["nickname"]
with {:ok, _} <- TwitterAPI.password_reset(nickname_or_email) do
conn
|> put_status(:no_content)
|> json("")
else
{:error, "unknown user"} ->
put_status(conn, :not_found)
{:error, _} ->
put_status(conn, :bad_request)
end
end
def try_render(conn, target, params)
when is_binary(target) do
case render(conn, target, params) do