[#114] Account confirmation email, registration as unconfirmed (config-based), auth prevention for unconfirmed.

lib/pleroma/web/twitter_api/controllers/util_controller.ex

@@ -174,6 +174,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
           closed: if(Keyword.get(instance, :registrations_open), do: "0", else: "1"),
           private: if(Keyword.get(instance, :public, true), do: "0", else: "1"),
           vapidPublicKey: vapid_public_key,
+          accountActivationRequired:
+            if(Keyword.get(instance, :account_activation_required, false), do: "1", else: "0"),
           invitesEnabled: if(Keyword.get(instance, :invites_enabled, false), do: "1", else: "0")
         }
 

lib/pleroma/web/twitter_api/twitter_api.ex

@@ -1,8 +1,10 @@
 defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
   alias Pleroma.{UserInviteToken, User, Activity, Repo, Object}
+  alias Pleroma.{UserEmail, Mailer}
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.TwitterAPI.UserView
   alias Pleroma.Web.CommonAPI
+
   import Ecto.Query
 
   def create_status(%User{} = user, %{"status" => _} = data) do
@@ -165,6 +167,22 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
 
           with {:ok, user} <- Repo.insert(changeset) do
             !registrations_open && UserInviteToken.mark_as_used(token.token)
+
+            if Pleroma.Config.get([:instance, :account_activation_required]) do
+              info_change = User.Info.confirmation_update(user.info, :unconfirmed)
+
+              {:ok, unconfirmed_user} =
+                user
+                |> Ecto.Changeset.change()
+                |> Ecto.Changeset.put_embed(:info, info_change)
+                |> Repo.update()
+
+              {:ok, _} =
+                unconfirmed_user
+                |> UserEmail.account_confirmation_email()
+                |> Mailer.deliver()
+            end
+
             {:ok, user}
           else
             {:error, changeset} ->
@@ -189,8 +207,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
          %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email),
          {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
       user
-      |> Pleroma.UserEmail.password_reset_email(token_record.token)
-      |> Pleroma.Mailer.deliver()
+      |> UserEmail.password_reset_email(token_record.token)
+      |> Mailer.deliver()
     else
       false ->
         {:error, "bad user identifier"}

lib/pleroma/web/twitter_api/twitter_api_controller.ex

@@ -13,6 +13,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
   require Logger
 
   plug(:only_if_public_instance when action in [:public_timeline, :public_and_external_timeline])
+  plug(:fetch_flash when action in [:confirm_email])
   action_fallback(:errors)
 
   def verify_credentials(%{assigns: %{user: user}} = conn, _params) do
@@ -375,8 +376,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
   def confirm_email(conn, %{"token" => token}) do
     with %User{} = user <- User.get_by_confirmation_token(token),
          true <- user.local,
-         new_info_fields <- %{confirmation_pending: false, confirmation_token: nil},
-         info_change <- User.Info.confirmation_update(user.info, new_info_fields),
+         info_change <- User.Info.confirmation_update(user.info, :confirmed),
          changeset <- Changeset.change(user) |> Changeset.put_embed(:info, info_change),
          {:ok, _} <- User.update_and_set_cache(changeset) do
       conn