diff options
Diffstat (limited to 'app/controllers/authorize_follow_controller.rb')
| -rw-r--r-- | app/controllers/authorize_follow_controller.rb | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/app/controllers/authorize_follow_controller.rb b/app/controllers/authorize_follow_controller.rb new file mode 100644 index 000000000..e866b5599 --- /dev/null +++ b/app/controllers/authorize_follow_controller.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +class AuthorizeFollowController < ApplicationController + layout 'public' + + before_action :authenticate_user! + + def new + uri = Addressable::URI.parse(acct_param) + + if uri.path && %w(http https).include?(uri.scheme) + set_account_from_url + else + set_account_from_acct + end + + render :error if @account.nil? + end + + def create + @account = FollowService.new.call(current_account, acct_param).try(:target_account) + + if @account.nil? + render :error + else + redirect_to web_url("accounts/#{@account.id}") + end + rescue ActiveRecord::RecordNotFound, Mastodon::NotPermitted + render :error + end + + private + + def set_account_from_url + @account = FetchRemoteAccountService.new.call(acct_param) + end + + def set_account_from_acct + @account = FollowRemoteAccountService.new.call(acct_param) + end + + def acct_param + params[:acct].gsub(/\Aacct:/, '') + end +end |