Home Explore Help
Sign In
RISCI_ATOM
/
mastodon
mirror of https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Files Issues 8 Wiki
Tree: d099cf67c0
Branches Tags
mastodon
/
app
/
controllers
/
api
/
v1
/
emails
/
confirmations_controller.rb

confirmations_controller.rb 1.2 KB
History Raw

123456789101112131415161718192021222324252627282930 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. class Api::V1::Emails::ConfirmationsController < Api::BaseController
    4. 

  4.   before_action -> { authorize_if_got_token! :read, :'read:accounts' }, only: :check
    5. 

  5.   before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, except: :check
    6. 

  6.   before_action :require_user_owned_by_application!, except: :check
    7. 

  7.   before_action :require_user_not_confirmed!, except: :check
    8. 

  8.   before_action :require_authenticated_user!, only: :check
    9. 

  9. 

  10.   def create
    11. 

  11.     current_user.update!(email: params[:email]) if params.key?(:email)
    12. 

  12.     current_user.resend_confirmation_instructions
    13. 

  13. 

  14.     render_empty
    15. 

  15.   end
    16. 

  16. 

  17.   def check
    18. 

  18.     render json: current_user.confirmed?
    19. 

  19.   end
    20. 

  20. 

  21.   private
    22. 

  22. 

  23.   def require_user_owned_by_application!
    24. 

  24.     render json: { error: 'This method is only available to the application the user originally signed-up with' }, status: 403 unless current_user && current_user.created_by_application_id == doorkeeper_token.application_id
    25. 

  25.   end
    26. 

  26. 

  27.   def require_user_not_confirmed!
    28. 

  28.     render json: { error: 'This method is only available while the e-mail is awaiting confirmation' }, status: 403 unless !current_user.confirmed? || current_user.unconfirmed_email.present?
    29. 

  29.   end
    30. 

  30. end
    31.