forked from mirrors/gotosocial
6cd033449f
Remote media is now dereferenced and attached properly to incoming federated statuses. Mentions are now dereferenced and attached properly to incoming federated statuses. Small fixes to status visibility. Allow URL params for filtering statuses: // ExcludeRepliesKey is for specifying whether to exclude replies in a list of returned statuses by an account. // PinnedKey is for specifying whether to include pinned statuses in a list of returned statuses by an account. // MaxIDKey is for specifying the maximum ID of the status to retrieve. // MediaOnlyKey is for specifying that only statuses with media should be returned in a list of returned statuses by an account. Add endpoint for fetching an account's statuses.
67 lines
2.2 KiB
Go
67 lines
2.2 KiB
Go
/*
|
|
GoToSocial
|
|
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package user
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
// UsersGETHandler should be served at https://example.org/users/:username.
|
|
//
|
|
// The goal here is to return the activitypub representation of an account
|
|
// in the form of a vocab.ActivityStreamsPerson. This should only be served
|
|
// to REMOTE SERVERS that present a valid signature on the GET request, on
|
|
// behalf of a user, otherwise we risk leaking information about users publicly.
|
|
//
|
|
// And of course, the request should be refused if the account or server making the
|
|
// request is blocked.
|
|
func (m *Module) UsersGETHandler(c *gin.Context) {
|
|
l := m.log.WithFields(logrus.Fields{
|
|
"func": "UsersGETHandler",
|
|
"url": c.Request.RequestURI,
|
|
})
|
|
|
|
requestedUsername := c.Param(UsernameKey)
|
|
if requestedUsername == "" {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": "no username specified in request"})
|
|
return
|
|
}
|
|
|
|
// make sure this actually an AP request
|
|
format := c.NegotiateFormat(ActivityPubAcceptHeaders...)
|
|
if format == "" {
|
|
c.JSON(http.StatusNotAcceptable, gin.H{"error": "could not negotiate format with given Accept header(s)"})
|
|
return
|
|
}
|
|
l.Tracef("negotiated format: %s", format)
|
|
|
|
// make a copy of the context to pass along so we don't break anything
|
|
cp := c.Copy()
|
|
user, err := m.processor.GetFediUser(requestedUsername, cp.Request) // GetFediUser handles auth as well
|
|
if err != nil {
|
|
l.Info(err.Error())
|
|
c.JSON(err.Code(), gin.H{"error": err.Safe()})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, user)
|
|
}
|