router.ex 23.3 KB
Newer Older
1
# Pleroma: A lightweight social networking server
kaniini's avatar
kaniini committed
2
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3
4
# SPDX-License-Identifier: AGPL-3.0-only

lain's avatar
lain committed
5
6
7
8
defmodule Pleroma.Web.Router do
  use Pleroma.Web, :router

  pipeline :api do
lain's avatar
lain committed
9
10
11
    plug(:accepts, ["json"])
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
lain's avatar
lain committed
12
13
14
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
lain's avatar
lain committed
15
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
lain's avatar
lain committed
16
    plug(Pleroma.Plugs.AuthenticationPlug)
lain's avatar
lain committed
17
18
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
lain's avatar
lain committed
19
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
lain's avatar
lain committed
20
21
  end

22
  pipeline :authenticated_api do
lain's avatar
lain committed
23
24
25
    plug(:accepts, ["json"])
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
lain's avatar
lain committed
26
27
28
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
lain's avatar
lain committed
29
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
lain's avatar
lain committed
30
    plug(Pleroma.Plugs.AuthenticationPlug)
lain's avatar
lain committed
31
32
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
lain's avatar
lain committed
33
    plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
lain's avatar
lain committed
34
35
  end

Haelwenn's avatar
Haelwenn committed
36
37
38
39
40
41
42
43
44
  pipeline :admin_api do
    plug(:accepts, ["json"])
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
45
    plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
Haelwenn's avatar
Haelwenn committed
46
47
48
49
50
51
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
    plug(Pleroma.Plugs.UserIsAdminPlug)
  end

lain's avatar
lain committed
52
  pipeline :mastodon_html do
lain's avatar
lain committed
53
54
55
    plug(:accepts, ["html"])
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
lain's avatar
lain committed
56
57
58
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
lain's avatar
lain committed
59
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
lain's avatar
lain committed
60
    plug(Pleroma.Plugs.AuthenticationPlug)
lain's avatar
lain committed
61
62
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
lain's avatar
lain committed
63
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
lain's avatar
lain committed
64
65
  end

66
  pipeline :pleroma_html do
lain's avatar
lain committed
67
68
69
    plug(:accepts, ["html"])
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
lain's avatar
lain committed
70
71
72
73
74
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
75
76
  end

77
78
79
80
81
82
83
  pipeline :oauth_read_or_unauthenticated do
    plug(Pleroma.Plugs.OAuthScopesPlug, %{
      scopes: ["read"],
      fallback: :proceed_unauthenticated
    })
  end

84
  pipeline :oauth_read do
85
    plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["read"]})
86
87
88
  end

  pipeline :oauth_write do
89
    plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["write"]})
90
91
92
  end

  pipeline :oauth_follow do
93
    plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["follow"]})
94
95
  end

96
97
98
99
  pipeline :oauth_push do
    plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
  end

lain's avatar
lain committed
100
  pipeline :well_known do
lain's avatar
lain committed
101
    plug(:accepts, ["json", "jrd+json", "xml", "xrd+xml"])
lain's avatar
lain committed
102
103
  end

lain's avatar
lain committed
104
  pipeline :config do
lain's avatar
lain committed
105
    plug(:accepts, ["json", "xml"])
lain's avatar
lain committed
106
107
  end

108
  pipeline :oauth do
lain's avatar
lain committed
109
    plug(:accepts, ["html", "json"])
110
111
  end

eal's avatar
eal committed
112
  pipeline :pleroma_api do
lain's avatar
lain committed
113
    plug(:accepts, ["html", "json"])
Roger Braun's avatar
Roger Braun committed
114
115
  end

116
117
118
119
120
121
122
123
124
  pipeline :mailbox_preview do
    plug(:accepts, ["html"])

    plug(:put_secure_browser_headers, %{
      "content-security-policy" =>
        "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'"
    })
  end

Roger Braun's avatar
Roger Braun committed
125
  scope "/api/pleroma", Pleroma.Web.TwitterAPI do
lain's avatar
lain committed
126
    pipe_through(:pleroma_api)
127

lain's avatar
lain committed
128
129
130
    get("/password_reset/:token", UtilController, :show_password_reset)
    post("/password_reset", UtilController, :password_reset)
    get("/emoji", UtilController, :emoji)
131
    get("/captcha", UtilController, :captcha)
Roger Braun's avatar
Roger Braun committed
132
133
  end

href's avatar
href committed
134
135
136
137
138
  scope "/api/pleroma", Pleroma.Web do
    pipe_through(:pleroma_api)
    post("/uploader_callback/:upload_path", UploaderController, :callback)
  end

Haelwenn's avatar
Haelwenn committed
139
  scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do
140
141
    pipe_through([:admin_api, :oauth_write])

Maxim Filippov's avatar
Maxim Filippov committed
142
    get("/users", AdminAPIController, :list_users)
Maxim Filippov's avatar
Maxim Filippov committed
143
    get("/users/search", AdminAPIController, :search_users)
Haelwenn's avatar
Haelwenn committed
144
    delete("/user", AdminAPIController, :user_delete)
Maxim Filippov's avatar
Maxim Filippov committed
145
    patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation)
Haelwenn's avatar
Haelwenn committed
146
    post("/user", AdminAPIController, :user_create)
147
    put("/users/tag", AdminAPIController, :tag_users)
148
    delete("/users/tag", AdminAPIController, :untag_users)
Haelwenn's avatar
Haelwenn committed
149

150
151
152
153
    get("/permission_group/:nickname", AdminAPIController, :right_get)
    get("/permission_group/:nickname/:permission_group", AdminAPIController, :right_get)
    post("/permission_group/:nickname/:permission_group", AdminAPIController, :right_add)
    delete("/permission_group/:nickname/:permission_group", AdminAPIController, :right_delete)
Haelwenn's avatar
Haelwenn committed
154

155
156
    put("/activation_status/:nickname", AdminAPIController, :set_activation_status)

Haelwenn's avatar
Haelwenn committed
157
158
159
160
    post("/relay", AdminAPIController, :relay_follow)
    delete("/relay", AdminAPIController, :relay_unfollow)

    get("/invite_token", AdminAPIController, :get_invite_token)
161
162
    post("/email_invite", AdminAPIController, :email_invite)

Haelwenn's avatar
Haelwenn committed
163
164
165
    get("/password_reset", AdminAPIController, :get_password_reset)
  end

166
  scope "/", Pleroma.Web.TwitterAPI do
lain's avatar
lain committed
167
    pipe_through(:pleroma_html)
168

lain's avatar
lain committed
169
    post("/main/ostatus", UtilController, :remote_subscribe)
170
171
172
173
174
175
    get("/ostatus_subscribe", UtilController, :remote_follow)

    scope [] do
      pipe_through(:oauth_follow)
      post("/ostatus_subscribe", UtilController, :do_remote_follow)
    end
176
177
  end

eal's avatar
eal committed
178
  scope "/api/pleroma", Pleroma.Web.TwitterAPI do
lain's avatar
lain committed
179
    pipe_through(:authenticated_api)
180
181
182
183
184
185
186
187
188
189
190
191
192
193

    scope [] do
      pipe_through(:oauth_write)

      post("/change_password", UtilController, :change_password)
      post("/delete_account", UtilController, :delete_account)
    end

    scope [] do
      pipe_through(:oauth_follow)

      post("/blocks_import", UtilController, :blocks_import)
      post("/follow_import", UtilController, :follow_import)
    end
eal's avatar
eal committed
194
195
  end

196
  scope "/oauth", Pleroma.Web.OAuth do
lain's avatar
lain committed
197
198
199
    get("/authorize", OAuthController, :authorize)
    post("/authorize", OAuthController, :create_authorization)
    post("/token", OAuthController, :token_exchange)
200
    post("/revoke", OAuthController, :token_revoke)
201
202
203
  end

  scope "/api/v1", Pleroma.Web.MastodonAPI do
lain's avatar
lain committed
204
    pipe_through(:authenticated_api)
205

206
207
    scope [] do
      pipe_through(:oauth_read)
208

209
210
      get("/accounts/verify_credentials", MastodonAPIController, :verify_credentials)

211
212
      get("/accounts/relationships", MastodonAPIController, :relationships)
      get("/accounts/search", MastodonAPIController, :account_search)
eal's avatar
eal committed
213

214
      get("/accounts/:id/lists", MastodonAPIController, :account_lists)
lain's avatar
lain committed
215

216
217
      get("/follow_requests", MastodonAPIController, :follow_requests)
      get("/blocks", MastodonAPIController, :blocks)
218
      get("/mutes", MastodonAPIController, :mutes)
Roger Braun's avatar
Roger Braun committed
219

220
221
      get("/timelines/home", MastodonAPIController, :home_timeline)
      get("/timelines/direct", MastodonAPIController, :dm_timeline)
lain's avatar
lain committed
222

223
224
      get("/favourites", MastodonAPIController, :favourites)
      get("/bookmarks", MastodonAPIController, :bookmarks)
225

226
227
228
229
      post("/notifications/clear", MastodonAPIController, :clear_notifications)
      post("/notifications/dismiss", MastodonAPIController, :dismiss_notification)
      get("/notifications", MastodonAPIController, :notifications)
      get("/notifications/:id", MastodonAPIController, :get_notification)
230

231
232
233
      get("/lists", MastodonAPIController, :get_lists)
      get("/lists/:id", MastodonAPIController, :get_list)
      get("/lists/:id/accounts", MastodonAPIController, :list_accounts)
lain's avatar
lain committed
234

235
      get("/domain_blocks", MastodonAPIController, :domain_blocks)
236

237
      get("/filters", MastodonAPIController, :get_filters)
lain's avatar
lain committed
238

239
      get("/suggestions", MastodonAPIController, :suggestions)
eal's avatar
eal committed
240

241
      get("/endorsements", MastodonAPIController, :empty_array)
242

243
      get("/pleroma/flavour", MastodonAPIController, :get_flavour)
244
    end
eal's avatar
eal committed
245

246
247
    scope [] do
      pipe_through(:oauth_write)
hakabahitoyo's avatar
hakabahitoyo committed
248

249
      patch("/accounts/update_credentials", MastodonAPIController, :update_credentials)
Haelwenn's avatar
Haelwenn committed
250

251
252
      post("/statuses", MastodonAPIController, :post_status)
      delete("/statuses/:id", MastodonAPIController, :delete_status)
253

Ivan Tashkinov's avatar
Ivan Tashkinov committed
254
255
256
257
258
259
260
261
262
263
      post("/statuses/:id/reblog", MastodonAPIController, :reblog_status)
      post("/statuses/:id/unreblog", MastodonAPIController, :unreblog_status)
      post("/statuses/:id/favourite", MastodonAPIController, :fav_status)
      post("/statuses/:id/unfavourite", MastodonAPIController, :unfav_status)
      post("/statuses/:id/pin", MastodonAPIController, :pin_status)
      post("/statuses/:id/unpin", MastodonAPIController, :unpin_status)
      post("/statuses/:id/bookmark", MastodonAPIController, :bookmark_status)
      post("/statuses/:id/unbookmark", MastodonAPIController, :unbookmark_status)
      post("/statuses/:id/mute", MastodonAPIController, :mute_conversation)
      post("/statuses/:id/unmute", MastodonAPIController, :unmute_conversation)
264

265
266
267
268
269
270
271
272
273
274
275
276
277
278
      post("/media", MastodonAPIController, :upload)
      put("/media/:id", MastodonAPIController, :update_media)

      delete("/lists/:id", MastodonAPIController, :delete_list)
      post("/lists", MastodonAPIController, :create_list)
      put("/lists/:id", MastodonAPIController, :rename_list)

      post("/lists/:id/accounts", MastodonAPIController, :add_to_list)
      delete("/lists/:id/accounts", MastodonAPIController, :remove_from_list)

      post("/filters", MastodonAPIController, :create_filter)
      get("/filters/:id", MastodonAPIController, :get_filter)
      put("/filters/:id", MastodonAPIController, :update_filter)
      delete("/filters/:id", MastodonAPIController, :delete_filter)
279
280

      post("/pleroma/flavour/:flavour", MastodonAPIController, :set_flavour)
minibikini's avatar
Reports    
minibikini committed
281
282

      post("/reports", MastodonAPIController, :reports)
283
284
285
286
287
288
289
290
291
292
293
    end

    scope [] do
      pipe_through(:oauth_follow)

      post("/follows", MastodonAPIController, :follow)
      post("/accounts/:id/follow", MastodonAPIController, :follow)

      post("/accounts/:id/unfollow", MastodonAPIController, :unfollow)
      post("/accounts/:id/block", MastodonAPIController, :block)
      post("/accounts/:id/unblock", MastodonAPIController, :unblock)
294
295
      post("/accounts/:id/mute", MastodonAPIController, :mute)
      post("/accounts/:id/unmute", MastodonAPIController, :unmute)
296
297
298
299
300
301

      post("/follow_requests/:id/authorize", MastodonAPIController, :authorize_follow_request)
      post("/follow_requests/:id/reject", MastodonAPIController, :reject_follow_request)

      post("/domain_blocks", MastodonAPIController, :block_domain)
      delete("/domain_blocks", MastodonAPIController, :unblock_domain)
302
303
304
305
    end

    scope [] do
      pipe_through(:oauth_push)
306
307
308
309
310
311

      post("/push/subscription", MastodonAPIController, :create_push_subscription)
      get("/push/subscription", MastodonAPIController, :get_push_subscription)
      put("/push/subscription", MastodonAPIController, :update_push_subscription)
      delete("/push/subscription", MastodonAPIController, :delete_push_subscription)
    end
lain's avatar
lain committed
312
313
  end

314
  scope "/api/web", Pleroma.Web.MastodonAPI do
315
    pipe_through([:authenticated_api, :oauth_write])
316
317
318
319

    put("/settings", MastodonAPIController, :put_settings)
  end

Roger Braun's avatar
Roger Braun committed
320
  scope "/api/v1", Pleroma.Web.MastodonAPI do
lain's avatar
lain committed
321
    pipe_through(:api)
322

lain's avatar
lain committed
323
324
325
326
327
    get("/instance", MastodonAPIController, :masto_instance)
    get("/instance/peers", MastodonAPIController, :peers)
    post("/apps", MastodonAPIController, :create_app)
    get("/custom_emojis", MastodonAPIController, :custom_emojis)

328
    get("/statuses/:id/card", MastodonAPIController, :status_card)
329

lain's avatar
lain committed
330
331
332
    get("/statuses/:id/favourited_by", MastodonAPIController, :favourited_by)
    get("/statuses/:id/reblogged_by", MastodonAPIController, :reblogged_by)

Haelwenn's avatar
Haelwenn committed
333
334
    get("/trends", MastodonAPIController, :empty_array)

335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
    scope [] do
      pipe_through(:oauth_read_or_unauthenticated)

      get("/timelines/public", MastodonAPIController, :public_timeline)
      get("/timelines/tag/:tag", MastodonAPIController, :hashtag_timeline)
      get("/timelines/list/:list_id", MastodonAPIController, :list_timeline)

      get("/statuses/:id", MastodonAPIController, :get_status)
      get("/statuses/:id/context", MastodonAPIController, :get_context)

      get("/accounts/:id/statuses", MastodonAPIController, :user_statuses)
      get("/accounts/:id/followers", MastodonAPIController, :followers)
      get("/accounts/:id/following", MastodonAPIController, :following)
      get("/accounts/:id", MastodonAPIController, :user)

      get("/search", MastodonAPIController, :search)
    end
Roger Braun's avatar
Roger Braun committed
352
353
  end

354
  scope "/api/v2", Pleroma.Web.MastodonAPI do
355
    pipe_through([:api, :oauth_read_or_unauthenticated])
356
357
358
    get("/search", MastodonAPIController, :search2)
  end

lain's avatar
lain committed
359
  scope "/api", Pleroma.Web do
lain's avatar
lain committed
360
    pipe_through(:config)
dtluna's avatar
dtluna committed
361

lain's avatar
lain committed
362
363
364
365
    get("/help/test", TwitterAPI.UtilController, :help_test)
    post("/help/test", TwitterAPI.UtilController, :help_test)
    get("/statusnet/config", TwitterAPI.UtilController, :config)
    get("/statusnet/version", TwitterAPI.UtilController, :version)
lain's avatar
lain committed
366
    get("/pleroma/frontend_configurations", TwitterAPI.UtilController, :frontend_configurations)
lain's avatar
lain committed
367
368
369
  end

  scope "/api", Pleroma.Web do
lain's avatar
lain committed
370
    pipe_through(:api)
dtluna's avatar
dtluna committed
371

HJ's avatar
HJ committed
372
    post("/account/register", TwitterAPI.Controller, :register)
373
    post("/account/password_reset", TwitterAPI.Controller, :password_reset)
lain's avatar
lain committed
374

375
376
    post("/account/resend_confirmation_email", TwitterAPI.Controller, :resend_confirmation_email)

377
378
379
380
381
382
    get(
      "/account/confirm_email/:user_id/:token",
      TwitterAPI.Controller,
      :confirm_email,
      as: :confirm_email
    )
lain's avatar
lain committed
383

384
385
386
387
388
389
390
391
392
393
394
395
    scope [] do
      pipe_through(:oauth_read_or_unauthenticated)

      get("/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
      get("/qvitter/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
      get("/users/show", TwitterAPI.Controller, :show_user)

      get("/statuses/followers", TwitterAPI.Controller, :followers)
      get("/statuses/friends", TwitterAPI.Controller, :friends)
      get("/statuses/blocks", TwitterAPI.Controller, :blocks)
      get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status)
      get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation)
396

397
398
399
      get("/search", TwitterAPI.Controller, :search)
      get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline)
    end
400
401
  end

lain's avatar
lain committed
402
  scope "/api", Pleroma.Web do
403
    pipe_through([:api, :oauth_read_or_unauthenticated])
lain's avatar
lain committed
404
405
406
407
408
409
410
411
412
413
414
415

    get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline)

    get(
      "/statuses/public_and_external_timeline",
      TwitterAPI.Controller,
      :public_and_external_timeline
    )

    get("/statuses/networkpublic_timeline", TwitterAPI.Controller, :public_and_external_timeline)
  end

416
  scope "/api", Pleroma.Web, as: :twitter_api_search do
417
    pipe_through([:api, :oauth_read_or_unauthenticated])
418
419
420
421
    get("/pleroma/search_user", TwitterAPI.Controller, :search_user)
  end

  scope "/api", Pleroma.Web, as: :authenticated_twitter_api do
lain's avatar
lain committed
422
    pipe_through(:authenticated_api)
423

424
425
    get("/oauth_tokens", TwitterAPI.Controller, :oauth_tokens)
    delete("/oauth_tokens/:id", TwitterAPI.Controller, :revoke_token)
dtluna's avatar
dtluna committed
426

427
428
429
    scope [] do
      pipe_through(:oauth_read)

430
431
432
      get("/account/verify_credentials", TwitterAPI.Controller, :verify_credentials)
      post("/account/verify_credentials", TwitterAPI.Controller, :verify_credentials)

433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
      get("/statuses/home_timeline", TwitterAPI.Controller, :friends_timeline)
      get("/statuses/friends_timeline", TwitterAPI.Controller, :friends_timeline)
      get("/statuses/mentions", TwitterAPI.Controller, :mentions_timeline)
      get("/statuses/mentions_timeline", TwitterAPI.Controller, :mentions_timeline)
      get("/statuses/dm_timeline", TwitterAPI.Controller, :dm_timeline)
      get("/qvitter/statuses/notifications", TwitterAPI.Controller, :notifications)

      get("/pleroma/friend_requests", TwitterAPI.Controller, :friend_requests)

      get("/friends/ids", TwitterAPI.Controller, :friends_ids)
      get("/friendships/no_retweets/ids", TwitterAPI.Controller, :empty_array)

      get("/mutes/users/ids", TwitterAPI.Controller, :empty_array)
      get("/qvitter/mutes", TwitterAPI.Controller, :raw_empty_array)

      get("/externalprofile/show", TwitterAPI.Controller, :external_profile)
lain's avatar
lain committed
449

450
451
      post("/qvitter/statuses/notifications/read", TwitterAPI.Controller, :notifications_read)
    end
dtluna's avatar
dtluna committed
452

453
454
    scope [] do
      pipe_through(:oauth_write)
455

456
457
458
      post("/account/update_profile", TwitterAPI.Controller, :update_profile)
      post("/account/update_profile_banner", TwitterAPI.Controller, :update_banner)
      post("/qvitter/update_background_image", TwitterAPI.Controller, :update_background)
dtluna's avatar
dtluna committed
459

460
461
462
463
      post("/statuses/update", TwitterAPI.Controller, :status_update)
      post("/statuses/retweet/:id", TwitterAPI.Controller, :retweet)
      post("/statuses/unretweet/:id", TwitterAPI.Controller, :unretweet)
      post("/statuses/destroy/:id", TwitterAPI.Controller, :delete_post)
464

465
466
      post("/statuses/pin/:id", TwitterAPI.Controller, :pin)
      post("/statuses/unpin/:id", TwitterAPI.Controller, :unpin)
467

468
469
470
      post("/statusnet/media/upload", TwitterAPI.Controller, :upload)
      post("/media/upload", TwitterAPI.Controller, :upload_json)
      post("/media/metadata/create", TwitterAPI.Controller, :update_media)
dtluna's avatar
dtluna committed
471

472
473
474
      post("/favorites/create/:id", TwitterAPI.Controller, :favorite)
      post("/favorites/create", TwitterAPI.Controller, :favorite)
      post("/favorites/destroy/:id", TwitterAPI.Controller, :unfavorite)
dtluna's avatar
dtluna committed
475

476
477
      post("/qvitter/update_avatar", TwitterAPI.Controller, :update_avatar)
    end
dtluna's avatar
dtluna committed
478

479
480
    scope [] do
      pipe_through(:oauth_follow)
lain's avatar
lain committed
481

482
483
      post("/pleroma/friendships/approve", TwitterAPI.Controller, :approve_friend_request)
      post("/pleroma/friendships/deny", TwitterAPI.Controller, :deny_friend_request)
484

485
486
      post("/friendships/create", TwitterAPI.Controller, :follow)
      post("/friendships/destroy", TwitterAPI.Controller, :unfollow)
487

488
489
490
      post("/blocks/create", TwitterAPI.Controller, :block)
      post("/blocks/destroy", TwitterAPI.Controller, :unblock)
    end
lain's avatar
lain committed
491
  end
lain's avatar
lain committed
492

493
  pipeline :ap_relay do
494
    plug(:accepts, ["activity+json", "json"])
495
496
  end

lain's avatar
lain committed
497
  pipeline :ostatus do
498
    plug(:accepts, ["html", "xml", "atom", "activity+json", "json"])
lain's avatar
lain committed
499
500
  end

501
502
503
504
  pipeline :oembed do
    plug(:accepts, ["json", "xml"])
  end

lain's avatar
lain committed
505
  scope "/", Pleroma.Web do
lain's avatar
lain committed
506
    pipe_through(:ostatus)
lain's avatar
lain committed
507

lain's avatar
lain committed
508
509
510
    get("/objects/:uuid", OStatus.OStatusController, :object)
    get("/activities/:uuid", OStatus.OStatusController, :activity)
    get("/notice/:id", OStatus.OStatusController, :notice)
href's avatar
href committed
511
    get("/notice/:id/embed_player", OStatus.OStatusController, :notice_player)
lain's avatar
lain committed
512
513
    get("/users/:nickname/feed", OStatus.OStatusController, :feed)
    get("/users/:nickname", OStatus.OStatusController, :feed_redirect)
lain's avatar
lain committed
514

href's avatar
href committed
515
516
517
518
    post("/users/:nickname/salmon", OStatus.OStatusController, :salmon_incoming)
    post("/push/hub/:nickname", Websub.WebsubController, :websub_subscription_request)
    get("/push/subscriptions/:id", Websub.WebsubController, :websub_subscription_confirmation)
    post("/push/subscriptions/:id", Websub.WebsubController, :websub_incoming)
lain's avatar
lain committed
519
520
  end

521
522
523
524
525
526
  scope "/", Pleroma.Web do
    pipe_through(:oembed)

    get("/oembed", OEmbed.OEmbedController, :url)
  end

lain's avatar
lain committed
527
  pipeline :activitypub do
528
    plug(:accepts, ["activity+json", "json"])
lain's avatar
lain committed
529
    plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
lain's avatar
lain committed
530
531
  end

532
533
  scope "/", Pleroma.Web.ActivityPub do
    # XXX: not really ostatus
lain's avatar
lain committed
534
    pipe_through(:ostatus)
535

lain's avatar
lain committed
536
537
538
    get("/users/:nickname/followers", ActivityPubController, :followers)
    get("/users/:nickname/following", ActivityPubController, :following)
    get("/users/:nickname/outbox", ActivityPubController, :outbox)
539
    get("/objects/:uuid/likes", ActivityPubController, :object_likes)
540
541
  end

542
  pipeline :activitypub_client do
543
    plug(:accepts, ["activity+json", "json"])
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
  end

  scope "/", Pleroma.Web.ActivityPub do
    pipe_through([:activitypub_client])

559
560
561
562
563
564
565
566
567
568
    scope [] do
      pipe_through(:oauth_read)
      get("/api/ap/whoami", ActivityPubController, :whoami)
      get("/users/:nickname/inbox", ActivityPubController, :read_inbox)
    end

    scope [] do
      pipe_through(:oauth_write)
      post("/users/:nickname/outbox", ActivityPubController, :update_outbox)
    end
569
570
  end

href's avatar
href committed
571
572
573
574
  scope "/relay", Pleroma.Web.ActivityPub do
    pipe_through(:ap_relay)
    get("/", ActivityPubController, :relay)
  end
575

href's avatar
href committed
576
577
578
  scope "/", Pleroma.Web.ActivityPub do
    pipe_through(:activitypub)
    post("/inbox", ActivityPubController, :inbox)
579
    post("/users/:nickname/inbox", ActivityPubController, :inbox)
href's avatar
href committed
580
  end
lain's avatar
lain committed
581

href's avatar
href committed
582
583
  scope "/.well-known", Pleroma.Web do
    pipe_through(:well_known)
lain's avatar
lain committed
584

href's avatar
href committed
585
586
587
588
    get("/host-meta", WebFinger.WebFingerController, :host_meta)
    get("/webfinger", WebFinger.WebFingerController, :webfinger)
    get("/nodeinfo", Nodeinfo.NodeinfoController, :schemas)
  end
dashie's avatar
dashie committed
589

href's avatar
href committed
590
591
  scope "/nodeinfo", Pleroma.Web do
    get("/:version", Nodeinfo.NodeinfoController, :nodeinfo)
lain's avatar
lain committed
592
  end
lain's avatar
lain committed
593

lain's avatar
lain committed
594
  scope "/", Pleroma.Web.MastodonAPI do
lain's avatar
lain committed
595
    pipe_through(:mastodon_html)
lain's avatar
lain committed
596

lain's avatar
lain committed
597
598
    get("/web/login", MastodonAPIController, :login)
    delete("/auth/sign_out", MastodonAPIController, :logout)
599
600

    scope [] do
601
      pipe_through(:oauth_read_or_unauthenticated)
602
603
      get("/web/*path", MastodonAPIController, :index)
    end
lain's avatar
lain committed
604
605
  end

href's avatar
href committed
606
607
  pipeline :remote_media do
  end
lain's avatar
lain committed
608

href's avatar
href committed
609
  scope "/proxy/", Pleroma.Web.MediaProxy do
lain's avatar
lain committed
610
    pipe_through(:remote_media)
611

lain's avatar
lain committed
612
    get("/:sig/:url", MediaProxyController, :remote)
href's avatar
href committed
613
    get("/:sig/:url/:filename", MediaProxyController, :remote)
href's avatar
href committed
614
615
  end

616
617
618
619
620
621
  if Mix.env() == :dev do
    scope "/dev" do
      pipe_through([:mailbox_preview])

      forward("/mailbox", Plug.Swoosh.MailboxPreview, base_path: "/dev/mailbox")
    end
href's avatar
href committed
622
623
  end

lain's avatar
lain committed
624
  scope "/", Fallback do
HJ's avatar
HJ committed
625
    get("/registration/:token", RedirectController, :registration_page)
626
627
    get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta)
    get("/*path", RedirectController, :redirector)
628
629

    options("/*path", RedirectController, :empty)
lain's avatar
lain committed
630
631
632
633
634
  end
end

defmodule Fallback.RedirectController do
  use Pleroma.Web, :controller
635
  alias Pleroma.Web.Metadata
636
  alias Pleroma.User
lain's avatar
lain committed
637

638
  def redirector(conn, _params, code \\ 200) do
href's avatar
href committed
639
640
    conn
    |> put_resp_content_type("text/html")
641
    |> send_file(code, index_file_path())
lain's avatar
lain committed
642
  end
HJ's avatar
HJ committed
643

644
645
646
647
648
649
650
651
652
  def redirector_with_meta(conn, %{"maybe_nickname_or_id" => maybe_nickname_or_id} = params) do
    with %User{} = user <- User.get_cached_by_nickname_or_id(maybe_nickname_or_id) do
      redirector_with_meta(conn, %{user: user})
    else
      nil ->
        redirector(conn, params)
    end
  end

653
  def redirector_with_meta(conn, params) do
654
    {:ok, index_content} = File.read(index_file_path())
655
    tags = Metadata.build_tags(params)
656
657
658
659
660
661
662
    response = String.replace(index_content, "<!--server-generated-meta-->", tags)

    conn
    |> put_resp_content_type("text/html")
    |> send_resp(200, response)
  end

663
  def index_file_path do
raeno's avatar
raeno committed
664
    Pleroma.Plugs.InstanceStatic.file_path("index.html")
665
666
  end

HJ's avatar
HJ committed
667
668
669
  def registration_page(conn, params) do
    redirector(conn, params)
  end
670
671
672
673
674
675

  def empty(conn, _params) do
    conn
    |> put_status(204)
    |> text("")
  end
lain's avatar
lain committed
676
end