diff options
| author | poesty <poesty7450@gmail.com> | 2023-06-11 03:04:08 +0800 |
|---|---|---|
| committer | poesty <poesty7450@gmail.com> | 2023-06-11 03:04:08 +0800 |
| commit | 15137fc5c73598456af8737d37c3f222c55a9865 (patch) | |
| tree | b3cff4a0e728fd141904ad4da723a302cc4c0515 | |
| parent | 2b64892e8399be3376fecd798de3cb8a5360924c (diff) | |
Only allow logged-in user to use search API
| -rw-r--r-- | mastoapi.c | 56 |
1 files changed, 30 insertions, 26 deletions
@@ -1627,43 +1627,47 @@ int mastoapi_get_handler(const xs_dict *req, const char *q_path, } else if (strcmp(cmd, "/v2/search") == 0) { /** **/ - const char *q = xs_dict_get(args, "q"); - const char *type = xs_dict_get(args, "type"); - const char *offset = xs_dict_get(args, "offset"); + if (logged_in) { + const char *q = xs_dict_get(args, "q"); + const char *type = xs_dict_get(args, "type"); + const char *offset = xs_dict_get(args, "offset"); - xs *acl = xs_list_new(); - xs *stl = xs_list_new(); - xs *htl = xs_list_new(); - xs *res = xs_dict_new(); + xs *acl = xs_list_new(); + xs *stl = xs_list_new(); + xs *htl = xs_list_new(); + xs *res = xs_dict_new(); - if (xs_is_null(offset) || strcmp(offset, "0") == 0) { - /* reply something only for offset 0; otherwise, - apps like Tusky keep asking again and again */ + if (xs_is_null(offset) || strcmp(offset, "0") == 0) { + /* reply something only for offset 0; otherwise, + apps like Tusky keep asking again and again */ - if (!xs_is_null(q) && !xs_is_null(type) && strcmp(type, "accounts") == 0) { - /* do a webfinger query */ - char *actor = NULL; - char *user = NULL; + if (!xs_is_null(q) && !xs_is_null(type) && strcmp(type, "accounts") == 0) { + /* do a webfinger query */ + char *actor = NULL; + char *user = NULL; - if (valid_status(webfinger_request(q, &actor, &user))) { - xs *actor_o = NULL; + if (valid_status(webfinger_request(q, &actor, &user))) { + xs *actor_o = NULL; - if (valid_status(actor_request(&snac1, actor, &actor_o))) { - xs *acct = mastoapi_account(actor_o); + if (valid_status(actor_request(&snac1, actor, &actor_o))) { + xs *acct = mastoapi_account(actor_o); - acl = xs_list_append(acl, acct); + acl = xs_list_append(acl, acct); + } } } } - } - res = xs_dict_append(res, "accounts", acl); - res = xs_dict_append(res, "statuses", stl); - res = xs_dict_append(res, "hashtags", htl); + res = xs_dict_append(res, "accounts", acl); + res = xs_dict_append(res, "statuses", stl); + res = xs_dict_append(res, "hashtags", htl); - *body = xs_json_dumps_pp(res, 4); - *ctype = "application/json"; - status = 200; + *body = xs_json_dumps_pp(res, 4); + *ctype = "application/json"; + status = 200; + } + else + status = 401; } /* user cleanup */ |