diff options
| author |  poesty | 2023-06-11 03:04:08 +0800 |
|---|---|---|
| committer | poesty | 2023-06-11 03:04:08 +0800 |
| commit | 15137fc5c73598456af8737d37c3f222c55a9865 (patch) | |
| tree | b3cff4a0e728fd141904ad4da723a302cc4c0515 /mastoapi.c | |
| parent | Use MID_TO_MD5 for ID comparison (diff) | |
| download | snac2-15137fc5c73598456af8737d37c3f222c55a9865.tar.gz snac2-15137fc5c73598456af8737d37c3f222c55a9865.tar.xz snac2-15137fc5c73598456af8737d37c3f222c55a9865.zip | |
Only allow logged-in user to use search API
Diffstat (limited to 'mastoapi.c')
| -rw-r--r-- | mastoapi.c | 56 |
1 files changed, 30 insertions, 26 deletions
| @@ -1627,43 +1627,47 @@ int mastoapi_get_handler(const xs_dict *req, const char *q_path, | |||
| 1627 | } | 1627 | } |
| 1628 | else | 1628 | else |
| 1629 | if (strcmp(cmd, "/v2/search") == 0) { /** **/ | 1629 | if (strcmp(cmd, "/v2/search") == 0) { /** **/ |
| 1630 | const char *q = xs_dict_get(args, "q"); | 1630 | if (logged_in) { |
| 1631 | const char *type = xs_dict_get(args, "type"); | 1631 | const char *q = xs_dict_get(args, "q"); |
| 1632 | const char *offset = xs_dict_get(args, "offset"); | 1632 | const char *type = xs_dict_get(args, "type"); |
| 1633 | const char *offset = xs_dict_get(args, "offset"); | ||
| 1633 | 1634 | ||
| 1634 | xs *acl = xs_list_new(); | 1635 | xs *acl = xs_list_new(); |
| 1635 | xs *stl = xs_list_new(); | 1636 | xs *stl = xs_list_new(); |
| 1636 | xs *htl = xs_list_new(); | 1637 | xs *htl = xs_list_new(); |
| 1637 | xs *res = xs_dict_new(); | 1638 | xs *res = xs_dict_new(); |
| 1638 | 1639 | ||
| 1639 | if (xs_is_null(offset) || strcmp(offset, "0") == 0) { | 1640 | if (xs_is_null(offset) || strcmp(offset, "0") == 0) { |
| 1640 | /* reply something only for offset 0; otherwise, | 1641 | /* reply something only for offset 0; otherwise, |
| 1641 | apps like Tusky keep asking again and again */ | 1642 | apps like Tusky keep asking again and again */ |
| 1642 | 1643 | ||
| 1643 | if (!xs_is_null(q) && !xs_is_null(type) && strcmp(type, "accounts") == 0) { | 1644 | if (!xs_is_null(q) && !xs_is_null(type) && strcmp(type, "accounts") == 0) { |
| 1644 | /* do a webfinger query */ | 1645 | /* do a webfinger query */ |
| 1645 | char *actor = NULL; | 1646 | char *actor = NULL; |
| 1646 | char *user = NULL; | 1647 | char *user = NULL; |
| 1647 | 1648 | ||
| 1648 | if (valid_status(webfinger_request(q, &actor, &user))) { | 1649 | if (valid_status(webfinger_request(q, &actor, &user))) { |
| 1649 | xs *actor_o = NULL; | 1650 | xs *actor_o = NULL; |
| 1650 | 1651 | ||
| 1651 | if (valid_status(actor_request(&snac1, actor, &actor_o))) { | 1652 | if (valid_status(actor_request(&snac1, actor, &actor_o))) { |
| 1652 | xs *acct = mastoapi_account(actor_o); | 1653 | xs *acct = mastoapi_account(actor_o); |
| 1653 | 1654 | ||
| 1654 | acl = xs_list_append(acl, acct); | 1655 | acl = xs_list_append(acl, acct); |
| 1656 | } | ||
| 1655 | } | 1657 | } |
| 1656 | } | 1658 | } |
| 1657 | } | 1659 | } |
| 1658 | } | ||
| 1659 | 1660 | ||
| 1660 | res = xs_dict_append(res, "accounts", acl); | 1661 | res = xs_dict_append(res, "accounts", acl); |
| 1661 | res = xs_dict_append(res, "statuses", stl); | 1662 | res = xs_dict_append(res, "statuses", stl); |
| 1662 | res = xs_dict_append(res, "hashtags", htl); | 1663 | res = xs_dict_append(res, "hashtags", htl); |
| 1663 | 1664 | ||
| 1664 | *body = xs_json_dumps_pp(res, 4); | 1665 | *body = xs_json_dumps_pp(res, 4); |
| 1665 | *ctype = "application/json"; | 1666 | *ctype = "application/json"; |
| 1666 | status = 200; | 1667 | status = 200; |
| 1668 | } | ||
| 1669 | else | ||
| 1670 | status = 401; | ||
| 1667 | } | 1671 | } |
| 1668 | 1672 | ||
| 1669 | /* user cleanup */ | 1673 | /* user cleanup */ |