akkoma/lib/pleroma/web/mastodon_api/controllers/app_controller.ex

64 lines
1.9 KiB
Elixir
Raw Normal View History

# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.AppController do
@moduledoc """
Controller for supporting app-related actions.
If authentication is an option, app tokens (user-unbound) must be supported.
"""
use Pleroma.Web, :controller
alias Pleroma.Repo
alias Pleroma.Web.OAuth.App
alias Pleroma.Web.OAuth.Scopes
alias Pleroma.Web.OAuth.Token
2021-08-26 03:01:04 +00:00
alias Pleroma.Web.Plugs.OAuthScopesPlug
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
plug(:skip_auth when action in [:create, :verify_credentials])
2021-08-26 03:01:04 +00:00
plug(:skip_plug, OAuthScopesPlug when action in [:index])
2020-05-04 16:16:18 +00:00
plug(Pleroma.Web.ApiSpec.CastAndValidate)
@local_mastodon_name "Mastodon-Local"
2020-04-01 19:00:59 +00:00
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.AppOperation
2021-08-26 03:01:04 +00:00
@doc "GET /api/v1/apps"
def index(%{assigns: %{user: user}} = conn, _params) do
with apps <- App.get_user_apps(user) do
render(conn, "index.json", %{apps: apps})
end
end
@doc "POST /api/v1/apps"
2020-04-01 19:00:59 +00:00
def create(%{body_params: params} = conn, _params) do
scopes = Scopes.fetch_scopes(params, ["read"])
app_attrs =
params
2020-04-01 19:00:59 +00:00
|> Map.take([:client_name, :redirect_uris, :website])
|> Map.put(:scopes, scopes)
with cs <- App.register_changeset(%App{}, app_attrs),
false <- cs.changes[:client_name] == @local_mastodon_name,
{:ok, app} <- Repo.insert(cs) do
render(conn, "show.json", app: app)
end
end
@doc """
GET /api/v1/apps/verify_credentials
Gets compact non-secret representation of the app. Supports app tokens and user tokens.
"""
def verify_credentials(%{assigns: %{token: %Token{} = token}} = conn, _) do
with %{app: %App{} = app} <- Repo.preload(token, :app) do
render(conn, "compact_non_secret.json", app: app)
end
end
end