diff --git a/internal/module/account/account.go b/internal/module/account/account.go
index ac4c51782..f5649a3e5 100644
--- a/internal/module/account/account.go
+++ b/internal/module/account/account.go
@@ -19,6 +19,7 @@
package account
import (
+ "errors"
"fmt"
"net"
"net/http"
@@ -31,6 +32,7 @@ import (
"github.com/superseriousbusiness/gotosocial/internal/module"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/router"
+ "github.com/superseriousbusiness/gotosocial/internal/util"
"github.com/superseriousbusiness/gotosocial/pkg/mastotypes"
"github.com/superseriousbusiness/oauth2/v4"
)
@@ -70,7 +72,7 @@ func (m *accountModule) Route(r router.Router) error {
// It should be served as a POST at /api/v1/accounts
func (m *accountModule) accountCreatePOSTHandler(c *gin.Context) {
l := m.log.WithField("func", "accountCreatePOSTHandler")
- authed, err := oauth.MustAuthed(c, true, true, false, false)
+ authed, err := oauth.MustAuth(c, true, true, false, false)
if err != nil {
l.Debugf("couldn't auth: %s", err)
c.JSON(http.StatusForbidden, gin.H{"error": err.Error()})
@@ -79,9 +81,9 @@ func (m *accountModule) accountCreatePOSTHandler(c *gin.Context) {
l.Trace("parsing request form")
form := &mastotypes.AccountCreateRequest{}
- if err := c.ShouldBind(form); err != nil {
+ if err := c.ShouldBind(form); err != nil || form == nil {
l.Debugf("could not parse form from request: %s", err)
- c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+ c.JSON(http.StatusBadRequest, gin.H{"error": "missing one or more required form values"})
return
}
@@ -116,25 +118,10 @@ func (m *accountModule) accountCreatePOSTHandler(c *gin.Context) {
// It should be served as a GET at /api/v1/accounts/verify_credentials
func (m *accountModule) accountVerifyGETHandler(c *gin.Context) {
l := m.log.WithField("func", "AccountVerifyGETHandler")
+ authed, err := oauth.MustAuth(c, true, false, false, true)
- l.Trace("getting account details from session")
- i, ok := c.Get(oauth.SessionAuthorizedAccount)
- if !ok {
- l.Trace("no account in session, returning error to client")
- c.JSON(http.StatusUnauthorized, gin.H{"error": "The access token is invalid"})
- return
- }
-
- l.Trace("attempting to convert account interface into account struct...")
- acct, ok := i.(*model.Account)
- if !ok {
- l.Tracef("could not convert %+v into account struct, returning error to client", i)
- c.JSON(http.StatusUnauthorized, gin.H{"error": "The access token is invalid"})
- return
- }
-
- l.Tracef("retrieved account %+v, converting to mastosensitive...", acct)
- acctSensitive, err := m.db.AccountToMastoSensitive(acct)
+ l.Tracef("retrieved account %+v, converting to mastosensitive...", authed.Account)
+ acctSensitive, err := m.db.AccountToMastoSensitive(authed.Account)
if err != nil {
l.Tracef("could not convert account into mastosensitive account: %s", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
@@ -180,3 +167,45 @@ func (m *accountModule) accountCreate(form *mastotypes.AccountCreateRequest, sig
CreatedAt: ti.GetCodeCreateAt().Unix(),
}, nil
}
+
+// validateCreateAccount checks through all the necessary prerequisites for creating a new account,
+// according to the provided account create request. If the account isn't eligible, an error will be returned.
+func validateCreateAccount(form *mastotypes.AccountCreateRequest, c *config.AccountsConfig, database db.DB) error {
+ if !c.OpenRegistration {
+ return errors.New("registration is not open for this server")
+ }
+
+ if err := util.ValidateSignUpUsername(form.Username); err != nil {
+ return err
+ }
+
+ if err := util.ValidateEmail(form.Email); err != nil {
+ return err
+ }
+
+ if err := util.ValidateSignUpPassword(form.Password); err != nil {
+ return err
+ }
+
+ if !form.Agreement {
+ return errors.New("agreement to terms and conditions not given")
+ }
+
+ if err := util.ValidateLanguage(form.Locale); err != nil {
+ return err
+ }
+
+ if err := util.ValidateSignUpReason(form.Reason, c.ReasonRequired); err != nil {
+ return err
+ }
+
+ if err := database.IsEmailAvailable(form.Email); err != nil {
+ return err
+ }
+
+ if err := database.IsUsernameAvailable(form.Username); err != nil {
+ return err
+ }
+
+ return nil
+}
diff --git a/internal/module/account/validation.go b/internal/module/account/validation.go
deleted file mode 100644
index c168d0449..000000000
--- a/internal/module/account/validation.go
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- GoToSocial
- Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Affero General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see .
-*/
-
-package account
-
-import (
- "errors"
-
- "github.com/superseriousbusiness/gotosocial/internal/config"
- "github.com/superseriousbusiness/gotosocial/internal/db"
- "github.com/superseriousbusiness/gotosocial/internal/util"
- "github.com/superseriousbusiness/gotosocial/pkg/mastotypes"
-)
-
-func validateCreateAccount(form *mastotypes.AccountCreateRequest, c *config.AccountsConfig, database db.DB) error {
- if !c.OpenRegistration {
- return errors.New("registration is not open for this server")
- }
-
- if err := util.ValidateSignUpUsername(form.Username); err != nil {
- return err
- }
-
- if err := util.ValidateEmail(form.Email); err != nil {
- return err
- }
-
- if err := util.ValidateSignUpPassword(form.Password); err != nil {
- return err
- }
-
- if !form.Agreement {
- return errors.New("agreement to terms and conditions not given")
- }
-
- if err := util.ValidateLanguage(form.Locale); err != nil {
- return err
- }
-
- if err := util.ValidateSignUpReason(form.Reason, c.ReasonRequired); err != nil {
- return err
- }
-
- if err := database.IsEmailAvailable(form.Email); err != nil {
- return err
- }
-
- if err := database.IsUsernameAvailable(form.Username); err != nil {
- return err
- }
-
- return nil
-}
diff --git a/internal/module/account/validation_test.go b/internal/module/account/validation_test.go
deleted file mode 100644
index 223a0c145..000000000
--- a/internal/module/account/validation_test.go
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
- GoToSocial
- Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Affero General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see .
-*/
-
-package account