Update ApiV1Dot1Controller, fix mutual api

Daniel Supernault 2024-07-02 04:00:27 -06:00
parent f61bbecaa9
commit a8bb97b22b
No known key found for this signature in database
GPG key ID: 23740873EE6F76A1


@ -487,8 +487,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404); abort_if(BouncerService::checkIp($request->ip()), 404);
} }
$rl = RateLimiter::attempt('pf:apiv1.1:iar:'.$request->ip(), config('pixelfed.app_registration_rate_limit_attempts', 3), function () { $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.$request->ip(), config('pixelfed.app_registration_rate_limit_attempts', 3), function () {}, config('pixelfed.app_registration_rate_limit_decay', 1800));
}, config('pixelfed.app_registration_rate_limit_decay', 1800));
abort_if(! $rl, 400, 'Too many requests'); abort_if(! $rl, 400, 'Too many requests');
$this->validate($request, [ $this->validate($request, [
@ -618,8 +617,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404); abort_if(BouncerService::checkIp($request->ip()), 404);
} }
$rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () { $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () {}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
abort_if(! $rl, 429, 'Too many requests'); abort_if(! $rl, 429, 'Too many requests');
$request->validate([ $request->validate([
@ -929,7 +927,7 @@ class ApiV1Dot1Controller extends Controller
public function getMutualAccounts(Request $request, $id) public function getMutualAccounts(Request $request, $id)
{ {
abort_if(! $request->user() || ! $request->user()->token(), 403); abort_if(! $request->user() || ! $request->user()->token(), 403);
abort_unless($request->user()->tokenCan('follows'), 403); abort_unless($request->user()->tokenCan('follow'), 403);
$account = AccountService::get($id, true); $account = AccountService::get($id, true);
if (! $account || ! isset($account['id'])) { if (! $account || ! isset($account['id'])) {
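Review bot: In the first hunk the app-registration limiter (key `pf:apiv1.1:iar:`) still answers a throttled client with `abort_if(! $rl, 400, 'Too many requests');`, while the confirm endpoint in the second hunk returns 429 for the same condition. A 400 is indistinguishable from a validation failure, so clients cannot back off correctly and throttling events are harder to pick out of access logs or alert on; I would change it to `abort_if(! $rl, 429, 'Too many requests');`. Both limiters key on `$request->ip()`, so they are only as effective as the trusted-proxy configuration that resolves the real client address, which is not visible on this page. The methods enclosing the first two hunks start and end outside the hunks.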