Allow access to account settings, 2FA, authorized applications, and account deletions to unconfirmed and pending users, as well as users who had their accounts disabled. Suspended users cannot update their e-mail or password or delete their account. Display account status on account settings page, for example, when an account is frozen, limited, unconfirmed or pending review. After sign up, login users straight away and show a simple page that tells them the status of their account with links to account settings and logout, to reduce onboarding friction and allow users to correct wrongly typed e-mail addresses. Move the final sign-up step of SSO integrations to be the same as above to reduce code duplication.
		
			
				
	
	
		
			436 lines
		
	
	
	
		
			13 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			436 lines
		
	
	
	
		
			13 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| # frozen_string_literal: true
 | |
| 
 | |
| require 'sidekiq/web'
 | |
| require 'sidekiq-scheduler/web'
 | |
| 
 | |
| Sidekiq::Web.set :session_secret, Rails.application.secrets[:secret_key_base]
 | |
| 
 | |
| Rails.application.routes.draw do
 | |
|   mount LetterOpenerWeb::Engine, at: 'letter_opener' if Rails.env.development?
 | |
| 
 | |
|   authenticate :user, lambda { |u| u.admin? } do
 | |
|     mount Sidekiq::Web, at: 'sidekiq', as: :sidekiq
 | |
|     mount PgHero::Engine, at: 'pghero', as: :pghero
 | |
|   end
 | |
| 
 | |
|   use_doorkeeper do
 | |
|     controllers authorizations: 'oauth/authorizations',
 | |
|                 authorized_applications: 'oauth/authorized_applications',
 | |
|                 tokens: 'oauth/tokens'
 | |
|   end
 | |
| 
 | |
|   get '.well-known/host-meta', to: 'well_known/host_meta#show', as: :host_meta, defaults: { format: 'xml' }
 | |
|   get '.well-known/webfinger', to: 'well_known/webfinger#show', as: :webfinger
 | |
|   get '.well-known/change-password', to: redirect('/auth/edit')
 | |
|   get '.well-known/keybase-proof-config', to: 'well_known/keybase_proof_config#show'
 | |
| 
 | |
|   get 'manifest', to: 'manifests#show', defaults: { format: 'json' }
 | |
|   get 'intent', to: 'intents#show'
 | |
|   get 'custom.css', to: 'custom_css#show', as: :custom_css
 | |
| 
 | |
|   resource :instance_actor, path: 'actor', only: [:show] do
 | |
|     resource :inbox, only: [:create], module: :activitypub
 | |
|   end
 | |
| 
 | |
|   devise_scope :user do
 | |
|     get '/invite/:invite_code', to: 'auth/registrations#new', as: :public_invite
 | |
| 
 | |
|     namespace :auth do
 | |
|       resource :setup, only: [:show, :update], controller: :setup
 | |
|     end
 | |
|   end
 | |
| 
 | |
|   devise_for :users, path: 'auth', controllers: {
 | |
|     omniauth_callbacks: 'auth/omniauth_callbacks',
 | |
|     sessions:           'auth/sessions',
 | |
|     registrations:      'auth/registrations',
 | |
|     passwords:          'auth/passwords',
 | |
|     confirmations:      'auth/confirmations',
 | |
|   }
 | |
| 
 | |
|   get '/users/:username', to: redirect('/@%{username}'), constraints: lambda { |req| req.format.nil? || req.format.html? }
 | |
|   get '/authorize_follow', to: redirect { |_, request| "/authorize_interaction?#{request.params.to_query}" }
 | |
| 
 | |
|   resources :accounts, path: 'users', only: [:show], param: :username do
 | |
|     get :remote_follow,  to: 'remote_follow#new'
 | |
|     post :remote_follow, to: 'remote_follow#create'
 | |
| 
 | |
|     resources :statuses, only: [:show] do
 | |
|       member do
 | |
|         get :activity
 | |
|         get :embed
 | |
|       end
 | |
| 
 | |
|       resources :replies, only: [:index], module: :activitypub
 | |
|     end
 | |
| 
 | |
|     resources :followers, only: [:index], controller: :follower_accounts
 | |
|     resources :following, only: [:index], controller: :following_accounts
 | |
|     resource :follow, only: [:create], controller: :account_follow
 | |
|     resource :unfollow, only: [:create], controller: :account_unfollow
 | |
| 
 | |
|     resource :outbox, only: [:show], module: :activitypub
 | |
|     resource :inbox, only: [:create], module: :activitypub
 | |
|     resources :collections, only: [:show], module: :activitypub
 | |
|   end
 | |
| 
 | |
|   resource :inbox, only: [:create], module: :activitypub
 | |
| 
 | |
|   get '/@:username', to: 'accounts#show', as: :short_account
 | |
|   get '/@:username/with_replies', to: 'accounts#show', as: :short_account_with_replies
 | |
|   get '/@:username/media', to: 'accounts#show', as: :short_account_media
 | |
|   get '/@:username/tagged/:tag', to: 'accounts#show', as: :short_account_tag
 | |
|   get '/@:account_username/:id', to: 'statuses#show', as: :short_account_status
 | |
|   get '/@:account_username/:id/embed', to: 'statuses#embed', as: :embed_short_account_status
 | |
| 
 | |
|   get  '/interact/:id', to: 'remote_interaction#new', as: :remote_interaction
 | |
|   post '/interact/:id', to: 'remote_interaction#create'
 | |
| 
 | |
|   get '/explore', to: 'directories#index', as: :explore
 | |
|   get '/explore/:id', to: 'directories#show', as: :explore_hashtag
 | |
| 
 | |
|   get '/settings', to: redirect('/settings/profile')
 | |
| 
 | |
|   namespace :settings do
 | |
|     resource :profile, only: [:show, :update]
 | |
| 
 | |
|     get :preferences, to: redirect('/settings/preferences/appearance')
 | |
| 
 | |
|     namespace :preferences do
 | |
|       resource :appearance, only: [:show, :update], controller: :appearance
 | |
|       resource :notifications, only: [:show, :update]
 | |
|       resource :other, only: [:show, :update], controller: :other
 | |
|     end
 | |
| 
 | |
|     resource :import, only: [:show, :create]
 | |
|     resource :export, only: [:show, :create]
 | |
| 
 | |
|     namespace :exports, constraints: { format: :csv } do
 | |
|       resources :follows, only: :index, controller: :following_accounts
 | |
|       resources :blocks, only: :index, controller: :blocked_accounts
 | |
|       resources :mutes, only: :index, controller: :muted_accounts
 | |
|       resources :lists, only: :index, controller: :lists
 | |
|       resources :domain_blocks, only: :index, controller: :blocked_domains
 | |
|     end
 | |
| 
 | |
|     resource :two_factor_authentication, only: [:show, :create, :destroy]
 | |
| 
 | |
|     namespace :two_factor_authentication do
 | |
|       resources :recovery_codes, only: [:create]
 | |
|       resource :confirmation, only: [:new, :create]
 | |
|     end
 | |
| 
 | |
|     resources :identity_proofs, only: [:index, :show, :new, :create, :update]
 | |
| 
 | |
|     resources :applications, except: [:edit] do
 | |
|       member do
 | |
|         post :regenerate
 | |
|       end
 | |
|     end
 | |
| 
 | |
|     resource :delete, only: [:show, :destroy]
 | |
|     resource :migration, only: [:show, :update]
 | |
| 
 | |
|     resources :sessions, only: [:destroy]
 | |
|     resources :featured_tags, only: [:index, :create, :destroy]
 | |
|   end
 | |
| 
 | |
|   resources :media, only: [:show] do
 | |
|     get :player
 | |
|   end
 | |
| 
 | |
|   resources :tags,   only: [:show]
 | |
|   resources :emojis, only: [:show]
 | |
|   resources :invites, only: [:index, :create, :destroy]
 | |
|   resources :filters, except: [:show]
 | |
|   resource :relationships, only: [:show, :update]
 | |
| 
 | |
|   get '/public', to: 'public_timelines#show', as: :public_timeline
 | |
|   get '/media_proxy/:id/(*any)', to: 'media_proxy#show', as: :media_proxy
 | |
| 
 | |
|   resource :authorize_interaction, only: [:show, :create]
 | |
|   resource :share, only: [:show, :create]
 | |
| 
 | |
|   namespace :admin do
 | |
|     get '/dashboard', to: 'dashboard#index'
 | |
| 
 | |
|     resources :domain_blocks, only: [:new, :create, :show, :destroy]
 | |
|     resources :email_domain_blocks, only: [:index, :new, :create, :destroy]
 | |
|     resources :action_logs, only: [:index]
 | |
|     resources :warning_presets, except: [:new]
 | |
|     resource :settings, only: [:edit, :update]
 | |
| 
 | |
|     resources :invites, only: [:index, :create, :destroy] do
 | |
|       collection do
 | |
|         post :deactivate_all
 | |
|       end
 | |
|     end
 | |
| 
 | |
|     resources :relays, only: [:index, :new, :create, :destroy] do
 | |
|       member do
 | |
|         post :enable
 | |
|         post :disable
 | |
|       end
 | |
|     end
 | |
| 
 | |
|     resources :instances, only: [:index, :show], constraints: { id: /[^\/]+/ }
 | |
| 
 | |
|     resources :reports, only: [:index, :show] do
 | |
|       member do
 | |
|         post :assign_to_self
 | |
|         post :unassign
 | |
|         post :reopen
 | |
|         post :resolve
 | |
|       end
 | |
| 
 | |
|       resources :reported_statuses, only: [:create]
 | |
|     end
 | |
| 
 | |
|     resources :report_notes, only: [:create, :destroy]
 | |
| 
 | |
|     resources :accounts, only: [:index, :show] do
 | |
|       member do
 | |
|         post :enable
 | |
|         post :unsilence
 | |
|         post :unsuspend
 | |
|         post :redownload
 | |
|         post :remove_avatar
 | |
|         post :remove_header
 | |
|         post :memorialize
 | |
|         post :approve
 | |
|         post :reject
 | |
|       end
 | |
| 
 | |
|       resource :change_email, only: [:show, :update]
 | |
|       resource :reset, only: [:create]
 | |
|       resource :action, only: [:new, :create], controller: 'account_actions'
 | |
|       resources :statuses, only: [:index, :show, :create, :update, :destroy]
 | |
|       resources :followers, only: [:index]
 | |
| 
 | |
|       resource :confirmation, only: [:create] do
 | |
|         collection do
 | |
|           post :resend
 | |
|         end
 | |
|       end
 | |
| 
 | |
|       resource :role do
 | |
|         member do
 | |
|           post :promote
 | |
|           post :demote
 | |
|         end
 | |
|       end
 | |
|     end
 | |
| 
 | |
|     resources :pending_accounts, only: [:index] do
 | |
|       collection do
 | |
|         post :approve_all
 | |
|         post :reject_all
 | |
|         post :batch
 | |
|       end
 | |
|     end
 | |
| 
 | |
|     resources :users, only: [] do
 | |
|       resource :two_factor_authentication, only: [:destroy]
 | |
|     end
 | |
| 
 | |
|     resources :custom_emojis, only: [:index, :new, :create, :update, :destroy] do
 | |
|       member do
 | |
|         post :copy
 | |
|         post :enable
 | |
|         post :disable
 | |
|       end
 | |
|     end
 | |
| 
 | |
|     resources :account_moderation_notes, only: [:create, :destroy]
 | |
| 
 | |
|     resources :tags, only: [:index] do
 | |
|       member do
 | |
|         post :hide
 | |
|         post :unhide
 | |
|       end
 | |
|     end
 | |
|   end
 | |
| 
 | |
|   get '/admin', to: redirect('/admin/dashboard', status: 302)
 | |
| 
 | |
|   namespace :api do
 | |
|     # OEmbed
 | |
|     get '/oembed', to: 'oembed#show', as: :oembed
 | |
| 
 | |
|     # Identity proofs
 | |
|     get :proofs, to: 'proofs#index'
 | |
| 
 | |
|     # JSON / REST API
 | |
|     namespace :v1 do
 | |
|       resources :statuses, only: [:create, :show, :destroy] do
 | |
|         scope module: :statuses do
 | |
|           resources :reblogged_by, controller: :reblogged_by_accounts, only: :index
 | |
|           resources :favourited_by, controller: :favourited_by_accounts, only: :index
 | |
|           resource :reblog, only: :create
 | |
|           post :unreblog, to: 'reblogs#destroy'
 | |
| 
 | |
|           resource :favourite, only: :create
 | |
|           post :unfavourite, to: 'favourites#destroy'
 | |
| 
 | |
|           resource :mute, only: :create
 | |
|           post :unmute, to: 'mutes#destroy'
 | |
| 
 | |
|           resource :pin, only: :create
 | |
|           post :unpin, to: 'pins#destroy'
 | |
|         end
 | |
| 
 | |
|         member do
 | |
|           get :context
 | |
|         end
 | |
|       end
 | |
| 
 | |
|       namespace :timelines do
 | |
|         resource :home, only: :show, controller: :home
 | |
|         resource :public, only: :show, controller: :public
 | |
|         resources :tag, only: :show
 | |
|         resources :list, only: :show
 | |
|       end
 | |
| 
 | |
|       resources :streaming, only: [:index]
 | |
|       resources :custom_emojis, only: [:index]
 | |
|       resources :suggestions, only: [:index, :destroy]
 | |
|       resources :scheduled_statuses, only: [:index, :show, :update, :destroy]
 | |
|       resources :preferences, only: [:index]
 | |
| 
 | |
|       resources :conversations, only: [:index, :destroy] do
 | |
|         member do
 | |
|           post :read
 | |
|         end
 | |
|       end
 | |
| 
 | |
|       get '/search', to: 'search#index', as: :search
 | |
| 
 | |
|       resources :media,        only: [:create, :update]
 | |
|       resources :blocks,       only: [:index]
 | |
|       resources :mutes,        only: [:index]
 | |
|       resources :favourites,   only: [:index]
 | |
|       resources :reports,      only: [:create]
 | |
|       resources :filters,      only: [:index, :create, :show, :update, :destroy]
 | |
|       resources :endorsements, only: [:index]
 | |
| 
 | |
|       namespace :apps do
 | |
|         get :verify_credentials, to: 'credentials#show'
 | |
|       end
 | |
| 
 | |
|       resources :apps, only: [:create]
 | |
| 
 | |
|       resource :instance, only: [:show] do
 | |
|         resources :peers, only: [:index], controller: 'instances/peers'
 | |
|         resource :activity, only: [:show], controller: 'instances/activity'
 | |
|       end
 | |
| 
 | |
|       resource :domain_blocks, only: [:show, :create, :destroy]
 | |
| 
 | |
|       resources :follow_requests, only: [:index] do
 | |
|         member do
 | |
|           post :authorize
 | |
|           post :reject
 | |
|         end
 | |
|       end
 | |
| 
 | |
|       resources :notifications, only: [:index, :show] do
 | |
|         collection do
 | |
|           post :clear
 | |
|         end
 | |
| 
 | |
|         member do
 | |
|           post :dismiss
 | |
|         end
 | |
|       end
 | |
| 
 | |
|       namespace :accounts do
 | |
|         get :verify_credentials, to: 'credentials#show'
 | |
|         patch :update_credentials, to: 'credentials#update'
 | |
|         resource :search, only: :show, controller: :search
 | |
|         resources :relationships, only: :index
 | |
|       end
 | |
| 
 | |
|       resources :accounts, only: [:create, :show] do
 | |
|         resources :statuses, only: :index, controller: 'accounts/statuses'
 | |
|         resources :followers, only: :index, controller: 'accounts/follower_accounts'
 | |
|         resources :following, only: :index, controller: 'accounts/following_accounts'
 | |
|         resources :lists, only: :index, controller: 'accounts/lists'
 | |
|         resources :identity_proofs, only: :index, controller: 'accounts/identity_proofs'
 | |
| 
 | |
|         member do
 | |
|           post :follow
 | |
|           post :unfollow
 | |
|           post :block
 | |
|           post :unblock
 | |
|           post :mute
 | |
|           post :unmute
 | |
|         end
 | |
| 
 | |
|         resource :pin, only: :create, controller: 'accounts/pins'
 | |
|         post :unpin, to: 'accounts/pins#destroy'
 | |
|       end
 | |
| 
 | |
|       resources :lists, only: [:index, :create, :show, :update, :destroy] do
 | |
|         resource :accounts, only: [:show, :create, :destroy], controller: 'lists/accounts'
 | |
|       end
 | |
| 
 | |
|       resources :polls, only: [:create, :show] do
 | |
|         resources :votes, only: :create, controller: 'polls/votes'
 | |
|       end
 | |
| 
 | |
|       namespace :push do
 | |
|         resource :subscription, only: [:create, :show, :update, :destroy]
 | |
|       end
 | |
| 
 | |
|       namespace :admin do
 | |
|         resources :accounts, only: [:index, :show] do
 | |
|           member do
 | |
|             post :enable
 | |
|             post :unsilence
 | |
|             post :unsuspend
 | |
|             post :approve
 | |
|             post :reject
 | |
|           end
 | |
| 
 | |
|           resource :action, only: [:create], controller: 'account_actions'
 | |
|         end
 | |
| 
 | |
|         resources :reports, only: [:index, :show] do
 | |
|           member do
 | |
|             post :assign_to_self
 | |
|             post :unassign
 | |
|             post :reopen
 | |
|             post :resolve
 | |
|           end
 | |
|         end
 | |
|       end
 | |
|     end
 | |
| 
 | |
|     namespace :v2 do
 | |
|       get '/search', to: 'search#index', as: :search
 | |
|     end
 | |
| 
 | |
|     namespace :web do
 | |
|       resource :settings, only: [:update]
 | |
|       resource :embed, only: [:create]
 | |
|       resources :push_subscriptions, only: [:create] do
 | |
|         member do
 | |
|           put :update
 | |
|         end
 | |
|       end
 | |
|     end
 | |
|   end
 | |
| 
 | |
|   get '/web/(*any)', to: 'home#index', as: :web
 | |
| 
 | |
|   get '/about',      to: 'about#show'
 | |
|   get '/about/more', to: 'about#more'
 | |
|   get '/terms',      to: 'about#terms'
 | |
| 
 | |
|   root 'home#index'
 | |
| 
 | |
|   match '*unmatched_route',
 | |
|         via: :all,
 | |
|         to: 'application#raise_not_found',
 | |
|         format: false
 | |
| end
 |