mirror of
https://github.com/versia-pub/server.git
synced 2025-12-06 16:38:19 +01:00
106 lines
2.7 KiB
TypeScript
106 lines
2.7 KiB
TypeScript
import { apiRoute, applyConfig, auth } from "@/api";
|
|
import { createRoute } from "@hono/zod-openapi";
|
|
import { z } from "zod";
|
|
import { sendFollowAccept } from "~/classes/functions/user";
|
|
import { RolePermissions } from "~/drizzle/schema";
|
|
import { Relationship } from "~/packages/database-interface/relationship";
|
|
import { User } from "~/packages/database-interface/user";
|
|
import { ErrorSchema } from "~/types/api";
|
|
|
|
export const meta = applyConfig({
|
|
route: "/api/v1/follow_requests/:account_id/authorize",
|
|
ratelimits: {
|
|
max: 100,
|
|
duration: 60,
|
|
},
|
|
auth: {
|
|
required: true,
|
|
},
|
|
permissions: {
|
|
required: [RolePermissions.ManageOwnFollows],
|
|
},
|
|
});
|
|
|
|
export const schemas = {
|
|
param: z.object({
|
|
account_id: z.string().uuid(),
|
|
}),
|
|
};
|
|
|
|
const route = createRoute({
|
|
method: "post",
|
|
path: "/api/v1/follow_requests/{account_id}/authorize",
|
|
summary: "Authorize follow request",
|
|
middleware: [auth(meta.auth, meta.permissions)],
|
|
request: {
|
|
params: schemas.param,
|
|
},
|
|
responses: {
|
|
200: {
|
|
description: "Relationship",
|
|
content: {
|
|
"application/json": {
|
|
schema: Relationship.schema,
|
|
},
|
|
},
|
|
},
|
|
401: {
|
|
description: "Unauthorized",
|
|
content: {
|
|
"application/json": {
|
|
schema: ErrorSchema,
|
|
},
|
|
},
|
|
},
|
|
404: {
|
|
description: "Account not found",
|
|
content: {
|
|
"application/json": {
|
|
schema: ErrorSchema,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
|
|
export default apiRoute((app) =>
|
|
app.openapi(route, async (context) => {
|
|
const { user } = context.get("auth");
|
|
|
|
if (!user) {
|
|
return context.json({ error: "Unauthorized" }, 401);
|
|
}
|
|
|
|
const { account_id } = context.req.valid("param");
|
|
|
|
const account = await User.fromId(account_id);
|
|
|
|
if (!account) {
|
|
return context.json({ error: "Account not found" }, 404);
|
|
}
|
|
|
|
const oppositeRelationship = await Relationship.fromOwnerAndSubject(
|
|
account,
|
|
user,
|
|
);
|
|
|
|
await oppositeRelationship.update({
|
|
requested: false,
|
|
following: true,
|
|
});
|
|
|
|
const foundRelationship = await Relationship.fromOwnerAndSubject(
|
|
user,
|
|
account,
|
|
);
|
|
|
|
// Check if accepting remote follow
|
|
if (account.isRemote()) {
|
|
// Federate follow accept
|
|
await sendFollowAccept(account, user);
|
|
}
|
|
|
|
return context.json(foundRelationship.toApi(), 200);
|
|
}),
|
|
);
|