Move account_register, relationships and verify_credentials to MastodonAPI.AccountController

lib/pleroma/web/mastodon_api/controllers/account_controller.ex

@@ -8,22 +8,89 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
   import Pleroma.Web.ControllerHelper,
     only: [add_link_headers: 2, truthy_param?: 1, assign_account_by_id: 2, json_response: 3]
 
-  alias Pleroma.User
-  alias Pleroma.Web.CommonAPI
-  alias Pleroma.Web.ActivityPub.ActivityPub
-  alias Pleroma.Web.MastodonAPI.StatusView
-  alias Pleroma.Web.MastodonAPI.MastodonAPI
-  alias Pleroma.Web.MastodonAPI.ListView
   alias Pleroma.Plugs.RateLimiter
+  alias Pleroma.User
+  alias Pleroma.Web.ActivityPub.ActivityPub
+  alias Pleroma.Web.CommonAPI
+  alias Pleroma.Web.MastodonAPI.ListView
+  alias Pleroma.Web.MastodonAPI.MastodonAPI
+  alias Pleroma.Web.MastodonAPI.StatusView
+  alias Pleroma.Web.OAuth.Token
+  alias Pleroma.Web.TwitterAPI.TwitterAPI
 
-  @relations ~w(follow unfollow)a
+  @relations [:follow, :unfollow]
+  @needs_account ~W(followers following lists follow unfollow mute unmute block unblock)a
 
   plug(RateLimiter, {:relations_id_action, params: ["id", "uri"]} when action in @relations)
   plug(RateLimiter, :relations_actions when action in @relations)
-  plug(:assign_account_by_id when action not in [:show, :statuses])
+  plug(RateLimiter, :app_account_creation when action == :create)
+  plug(:assign_account_by_id when action in @needs_account)
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 
+  @doc "POST /api/v1/accounts"
+  def create(
+        %{assigns: %{app: app}} = conn,
+        %{"username" => nickname, "email" => _, "password" => _, "agreement" => true} = params
+      ) do
+    params =
+      params
+      |> Map.take([
+        "email",
+        "captcha_solution",
+        "captcha_token",
+        "captcha_answer_data",
+        "token",
+        "password"
+      ])
+      |> Map.put("nickname", nickname)
+      |> Map.put("fullname", params["fullname"] || nickname)
+      |> Map.put("bio", params["bio"] || "")
+      |> Map.put("confirm", params["password"])
+
+    with {:ok, user} <- TwitterAPI.register_user(params, need_confirmation: true),
+         {:ok, token} <- Token.create_token(app, user, %{scopes: app.scopes}) do
+      json(conn, %{
+        token_type: "Bearer",
+        access_token: token.token,
+        scope: app.scopes,
+        created_at: Token.Utils.format_created_at(token)
+      })
+    else
+      {:error, errors} -> json_response(conn, :bad_request, errors)
+    end
+  end
+
+  def create(%{assigns: %{app: _app}} = conn, _) do
+    render_error(conn, :bad_request, "Missing parameters")
+  end
+
+  def create(conn, _) do
+    render_error(conn, :forbidden, "Invalid credentials")
+  end
+
+  @doc "GET /api/v1/accounts/verify_credentials"
+  def verify_credentials(%{assigns: %{user: user}} = conn, _) do
+    chat_token = Phoenix.Token.sign(conn, "user socket", user.id)
+
+    render(conn, "show.json",
+      user: user,
+      for: user,
+      with_pleroma_settings: true,
+      with_chat_token: chat_token
+    )
+  end
+
+  @doc "GET /api/v1/accounts/relationships"
+  def relationships(%{assigns: %{user: user}} = conn, %{"id" => id}) do
+    targets = User.get_all_by_ids(List.wrap(id))
+
+    render(conn, "relationships.json", user: user, targets: targets)
+  end
+
+  # Instead of returning a 400 when no "id" params is present, Mastodon returns an empty array.
+  def relationships(%{assigns: %{user: _user}} = conn, _), do: json(conn, [])
+
   @doc "GET /api/v1/accounts/:id"
   def show(%{assigns: %{user: for_user}} = conn, %{"id" => nickname_or_id}) do
     with %User{} = user <- User.get_cached_by_nickname_or_id(nickname_or_id, for: for_user),

lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex

@@ -35,8 +35,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
 
   require Logger
 
-  plug(RateLimiter, :app_account_creation when action == :account_register)
-  plug(RateLimiter, :search when action in [:search, :search2, :account_search])
   plug(RateLimiter, :password_reset when action == :password_reset)
 
   @local_mastodon_name "Mastodon-Local"
@@ -164,20 +162,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
     end
   end
 
-
-  def verify_credentials(%{assigns: %{user: user}} = conn, _) do
-    chat_token = Phoenix.Token.sign(conn, "user socket", user.id)
-
-    account =
-      AccountView.render("show.json", %{
-        user: user,
-        for: user,
-        with_pleroma_settings: true,
-        with_chat_token: chat_token
-      })
-
-    json(conn, account)
-  end
   def verify_app_credentials(%{assigns: %{user: _user, token: token}} = conn, _) do
     with %Token{app: %App{} = app} <- Repo.preload(token, :app) do
       conn
@@ -288,17 +272,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
     end
   end
 
-  def relationships(%{assigns: %{user: user}} = conn, %{"id" => id}) do
-    targets = User.get_all_by_ids(List.wrap(id))
-
-    conn
-    |> put_view(AccountView)
-    |> render("relationships.json", %{user: user, targets: targets})
-  end
-
-  # Instead of returning a 400 when no "id" params is present, Mastodon returns an empty array.
-  def relationships(%{assigns: %{user: _user}} = conn, _), do: json(conn, [])
-
   def update_media(
         %{assigns: %{user: user}} = conn,
         %{"id" => id, "description" => description} = _
@@ -649,49 +622,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
     end
   end
 
-  def account_register(
-        %{assigns: %{app: app}} = conn,
-        %{"username" => nickname, "email" => _, "password" => _, "agreement" => true} = params
-      ) do
-    params =
-      params
-      |> Map.take([
-        "email",
-        "captcha_solution",
-        "captcha_token",
-        "captcha_answer_data",
-        "token",
-        "password"
-      ])
-      |> Map.put("nickname", nickname)
-      |> Map.put("fullname", params["fullname"] || nickname)
-      |> Map.put("bio", params["bio"] || "")
-      |> Map.put("confirm", params["password"])
-
-    with {:ok, user} <- TwitterAPI.register_user(params, need_confirmation: true),
-         {:ok, token} <- Token.create_token(app, user, %{scopes: app.scopes}) do
-      json(conn, %{
-        token_type: "Bearer",
-        access_token: token.token,
-        scope: app.scopes,
-        created_at: Token.Utils.format_created_at(token)
-      })
-    else
-      {:error, errors} ->
-        conn
-        |> put_status(:bad_request)
-        |> json(errors)
-    end
-  end
-
-  def account_register(%{assigns: %{app: _app}} = conn, _) do
-    render_error(conn, :bad_request, "Missing parameters")
-  end
-
-  def account_register(conn, _) do
-    render_error(conn, :forbidden, "Invalid credentials")
-  end
-
   def password_reset(conn, params) do
     nickname_or_email = params["email"] || params["nickname"]
 

lib/pleroma/web/router.ex

@@ -335,9 +335,9 @@ defmodule Pleroma.Web.Router do
     scope [] do
       pipe_through(:oauth_read)
 
-      get("/accounts/verify_credentials", MastodonAPIController, :verify_credentials)
+      get("/accounts/verify_credentials", AccountController, :verify_credentials)
 
-      get("/accounts/relationships", MastodonAPIController, :relationships)
+      get("/accounts/relationships", AccountController, :relationships)
 
       get("/accounts/:id/lists", AccountController, :lists)
       get("/accounts/:id/identity_proofs", MastodonAPIController, :empty_array)
@@ -459,7 +459,7 @@ defmodule Pleroma.Web.Router do
   scope "/api/v1", Pleroma.Web.MastodonAPI do
     pipe_through(:api)
 
-    post("/accounts", MastodonAPIController, :account_register)
+    post("/accounts", AccountController, :create)
 
     get("/instance", MastodonAPIController, :masto_instance)
     get("/instance/peers", MastodonAPIController, :peers)