diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2016-11-03 16:57:44 +0100 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2016-11-03 16:57:44 +0100 |
commit | 3731230c6d25f248afa8a17b62b3db70fdfe1e03 (patch) | |
tree | 9e7da1198a5e20c600add1cad4c0c288c524d1f9 /app/controllers/api/v1 | |
parent | e4671adc25081161268c885b3427fd84cbecb249 (diff) |
Allow @username@domain/@username in follow form, prevent duplicate accounts
created via remote look-up when domains differ but point to the same resource
Diffstat (limited to 'app/controllers/api/v1')
-rw-r--r-- | app/controllers/api/v1/follows_controller.rb | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/app/controllers/api/v1/follows_controller.rb b/app/controllers/api/v1/follows_controller.rb index 9181cd077..526316531 100644 --- a/app/controllers/api/v1/follows_controller.rb +++ b/app/controllers/api/v1/follows_controller.rb @@ -5,7 +5,13 @@ class Api::V1::FollowsController < ApiController def create raise ActiveRecord::RecordNotFound if params[:uri].blank? - @account = FollowService.new.call(current_user.account, params[:uri].strip).try(:target_account) + @account = FollowService.new.call(current_user.account, target_uri).try(:target_account) render action: :show end + + private + + def target_uri + params[:uri].strip.gsub(/\A@/, '') + end end |