Commit d95f0809 authored by hannes's avatar hannes

change login method to native gnu social

this required an edit of lib/apiauthaction.php to accept the normal
login session as authentication. i'm not sure if this might cause any
problems or security risks, but i don't think so..
parent 640d69c4
......@@ -26,16 +26,16 @@ Setup
2. Put all files in /plugins/Qvitter
3. Add `addPlugin('Qvitter');` to your /config.php file.
3. Replace your lib/apiauthaction.php file with the one supplied in edited-gnu-social-files/lib/apiauthaction.php
4. There are a few settings in /plugins/Qvitter/QvitterPlugin.php. By default Qvitter is
4. Add `addPlugin('Qvitter');` to your /config.php file.
5. There are a few settings in /plugins/Qvitter/QvitterPlugin.php. By default Qvitter is
opt-out for users. If you set `$settings['enabledbydefault'] = false;` Qvitter will
be opt-in instead.
5. Users can go to ://{instance}/settings/qvitter and enable or disable Qvitter.
6. Users can go to ://{instance}/settings/qvitter and enable or disable Qvitter.
NOTE: Qvitter is now a plugin for GNU Social. There will probably be bugs because of
this change.
TODO
......
......@@ -33,7 +33,7 @@
· Contact h@nnesmannerhe.im if you have any questions. ·
· ·
· · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · */
class QvitterAction extends Action
class QvitterAction extends ApiAction
{
function isReadOnly($args)
......@@ -63,11 +63,18 @@ class QvitterAction extends Action
$logged_in_user_nickname = '';
$logged_in_user_obj = false;
$logged_in_user = common_current_user();
if($logged_in_user) {
$logged_in_user_nickname = $logged_in_user->nickname;
$logged_in_user_obj = ApiAction::twitterUserArray($logged_in_user->getProfile());
}
$registrationsclosed = false;
if(common_config('site','closed') == 1 || common_config('site','inviteonly') == 1) {
$registrationsclosed = true;
}
$sitetitle = common_config('site','name');
$siterootdomain = common_config('site','server');
$qvitterpath = Plugin::staticPath('Qvitter', '');
......@@ -139,13 +146,17 @@ class QvitterAction extends Action
print ' <link rel="meta" href="'.$instanceurl.'group/'.$group_name.'/foaf" type="application/rdf+xml" title="FOAF for '.$group_id_or_name.' group"/>'."\n";
}
}
?>
<script>
window.textLimit = <?php print json_encode((int)common_config('site','textlimit')) ?>;
window.registrationsClosed = <?php print json_encode($registrationsclosed) ?>;
window.siteTitle = <?php print json_encode($sitetitle) ?>;
window.isLoggedIn = <?php if($logged_in_user) { print 'true'; } else { print 'false'; } ?>;
window.loggedIn = <?php print json_encode($logged_in_user_obj) ?>;
window.timeBetweenPolling = <?php print QvitterPlugin::settings("timebetweenpolling"); ?>;
window.qvitterApiRoot = '<?php print common_path("api/qvitter.json", true); ?>';
window.apiRoot = '<?php print common_path("api/", true); ?>';
window.fullUrlToThisQvitterApp = '<?php print $qvitterpath; ?>';
window.siteRootDomain = '<?php print $siterootdomain; ?>';
window.siteInstanceURL = '<?php print $instanceurl; ?>';
......@@ -277,14 +288,16 @@ class QvitterAction extends Action
</div>
</form>
</div>
<div class="front-signup">
<?php
if($registrationsclosed === false) {
?><div class="front-signup">
<h2></h2>
<div class="signup-input-container"><input placeholder="" type="text" name="user[name]" autocomplete="off" class="text-input" id="signup-user-name"></div>
<div class="signup-input-container"><input placeholder="" type="text" name="user[email]" autocomplete="off" id="signup-user-email"></div>
<div class="signup-input-container"><input placeholder="" type="password" name="user[user_password]" class="text-input" id="signup-user-password"></div>
<button id="signup-btn-step1" class="signup-btn" type="submit"></button>
<div id="other-servers-link"></div>
</div>
</div><?php } ?>
<div id="user-header">
<img id="user-avatar" src="" />
<div id="user-name"></div>
......@@ -314,7 +327,7 @@ class QvitterAction extends Action
<a class="stream-selection my-timeline" data-stream-header="@statuses/user_timeline.json" data-stream-name="statuses/user_timeline.json"><i class="chev-right"></i></a>
<a class="stream-selection favorites" data-stream-header="" data-stream-name="favorites.json"><i class="chev-right"></i></a>
<a href="<?php print $instanceurl ?>" class="stream-selection public-timeline" data-stream-header="" data-stream-name="statuses/public_timeline.json"><i class="chev-right"></i></a>
<a href="<?php print $instanceurl ?>main/all" class="stream-selection public-and-external-timeline" data-stream-header="" data-stream-name="statuses/public_and_external_timeline.json?since_id=1"><i class="chev-right"></i></a>
<a href="<?php print $instanceurl ?>main/all" class="stream-selection public-and-external-timeline" data-stream-header="" data-stream-name="statuses/public_and_external_timeline.json"><i class="chev-right"></i></a>
</div>
<div class="menu-container" id="history-container"></div>
</div>
......@@ -348,3 +361,4 @@ class QvitterAction extends Action
}
}
<?php
/* · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · ·
· ·
· ·
· Q V I T T E R ·
· ·
· http://github.com/hannesmannerheim/qvitter ·
· ·
· ·
· <o) ·
· /_//// ·
· (____/ ·
· (o< ·
· o> \\\\_\ ·
· \\) \____) ·
· ·
· ·
· ·
· Qvitter is free software: you can redistribute it and / or modify it ·
· under the terms of the GNU Affero General Public License as published by ·
· the Free Software Foundation, either version three of the License or (at ·
· your option) any later version. ·
· ·
· Qvitter is distributed in hope that it will be useful but WITHOUT ANY ·
· WARRANTY; without even the implied warranty of MERCHANTABILTY or FITNESS ·
· FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for ·
· more details. ·
· ·
· You should have received a copy of the GNU Affero General Public License ·
· along with Qvitter. If not, see <http://www.gnu.org/licenses/>. ·
· ·
· Contact h@nnesmannerhe.im if you have any questions. ·
· ·
· · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · */
class QvitterApiAction extends ApiAction
{
protected $needPost = true;
protected function prepare(array $args=array())
{
parent::prepare($args);
return true;
}
protected function handle()
{
parent::handle();
$apiroot = common_path('api/', true);
header("Content-type: application/json; charset=utf-8");
// post requests
if(isset($_POST['postRequest'])) {
$query = http_build_query($_POST, '', '&');
$ch=curl_init();
curl_setopt($ch, CURLOPT_URL, $apiroot.urldecode($_POST['postRequest']));
curl_setopt($ch, CURLOPT_USERPWD, $_POST['username'].":".$_POST['password']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
session_write_close(); // fix problem with curling to local
$reply=curl_exec($ch);
curl_close($ch);
// get requests
} elseif(isset($_POST['getRequest'])) {
$ch=curl_init();
curl_setopt($ch, CURLOPT_URL, $apiroot.$_POST['getRequest']);
if(isset($_POST['username'])) {
curl_setopt($ch, CURLOPT_USERPWD, $_POST['username'].":".$_POST['password']);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
session_write_close();
$reply=curl_exec($ch);
curl_close($ch);
} else {
// 400 Bad request, since neither postRequest or getRequest were included
http_response_code(400);
exit;
}
session_start();
echo $reply;
}
}
/* · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · ·
· ·
· (o> >o) ·
· \\\\_\ /_//// .
· \____) (____/ ·
· ·
· · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · */?>
This diff is collapsed.
......@@ -33,6 +33,18 @@
· ·
· · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · */
/* ·
·
· Current time in milliseconds, to send with each request to make sure
· we're not getting 304 responses.
·
·
· · · · · · · · · · · · · */
function timeNow() {
return new Date().getTime();
}
/* ·
·
......@@ -45,42 +57,24 @@
· · · · · · · · · */
function checkLogin(username,password,actionOnSuccess) {
$.ajax({ url: window.qvitterApiRoot,
type: 'POST',
data: {
getRequest: "account/verify_credentials.json",
username: username,
password: password
},
$.ajax({ url: 'http://' + username + ':' + password + '@qvitter.dev/api/account/verify_credentials.json',
type: 'GET',
dataType: 'json',
error: function() {
logoutWithoutReload(true);
},
success: function(data) {
success: function(data) {
if(typeof data.error == 'undefined') {
actionOnSuccess(data);
}
else {
// if no stream is set, get the one from the url
if(typeof window.currentStream == 'undefined' || window.currentStream == '') {
setNewCurrentStream(getStreamFromUrl(),function(){
logoutWithoutReload(true);
remove_spinner();
},true);
}
// if we have a strem, just just do logout and shake...
else {
logoutWithoutReload(true);
remove_spinner();
}
logoutWithoutReload(true);
}
}
});
}
/* ·
·
· Generic API GET request
......@@ -91,45 +85,18 @@ function checkLogin(username,password,actionOnSuccess) {
· · · · · · · · · · · · · */
function getFromAPI(stream, actionOnSuccess) {
// request without username/password
if(typeof window.loginUsername == 'undefined') {
$.ajax({ url: window.qvitterApiRoot,
type: "POST",
data: {
getRequest: stream
},
dataType: 'json',
success: function(data) {
actionOnSuccess(data);
},
error: function(data) {
actionOnSuccess(false);
console.log(data);
remove_spinner();
}
});
}
// with username/password if set
else {
$.ajax({ url: window.qvitterApiRoot,
type: "POST",
data: {
getRequest: stream,
username: window.loginUsername,
password: window.loginPassword
},
dataType: 'json',
success: function(data) {
actionOnSuccess(data);
},
error: function(data) {
actionOnSuccess(false);
console.log(data);
remove_spinner();
}
});
}
$.ajax({ url: window.apiRoot + stream + qOrAmp(stream) + 't=' + timeNow(),
type: "GET",
dataType: 'json',
success: function(data) {
actionOnSuccess(data);
},
error: function(data) {
actionOnSuccess(false);
console.log(data);
remove_spinner();
}
});
}
......@@ -144,14 +111,11 @@ function getFromAPI(stream, actionOnSuccess) {
· · · · · · · · · · · · · */
function postQueetToAPI(queetText_txt, actionOnSuccess) {
$.ajax({ url: window.qvitterApiRoot,
$.ajax({ url: window.apiRoot + 'statuses/update.json?t=' + timeNow(),
type: "POST",
data: {
postRequest: 'statuses/update.json',
status: queetText_txt,
source: 'Qvitter',
username: window.loginUsername,
password: window.loginPassword
source: 'Qvitter'
},
dataType: "json",
error: function(data){ actionOnSuccess(false); console.log(data); },
......@@ -169,13 +133,10 @@ function postQueetToAPI(queetText_txt, actionOnSuccess) {
· · · · · · · · · · · · · */
function postNewLinkColor(newLinkColor) {
$.ajax({ url: window.qvitterApiRoot,
$.ajax({ url: window.apiRoot + 'qvitter/update_link_color.json?t=' + timeNow(),
type: "POST",
data: {
postRequest: 'qvitter/update_link_color.json',
linkcolor: newLinkColor,
username: window.loginUsername,
password: window.loginPassword
linkcolor: newLinkColor
},
dataType:"json",
error: function(data){ console.log(data); },
......@@ -196,13 +157,10 @@ function postNewLinkColor(newLinkColor) {
· · · · · · · · · · · · · */
function postNewBackgroundColor(newBackgroundColor) {
$.ajax({ url: window.qvitterApiRoot,
$.ajax({ url: window.apiRoot + 'qvitter/update_background_color.json?t=' + timeNow(),
type: "POST",
data: {
postRequest: 'qvitter/update_background_color.json',
backgroundcolor: newBackgroundColor,
username: window.loginUsername,
password: window.loginPassword
backgroundcolor: newBackgroundColor
},
dataType:"json",
error: function(data){ console.log(data); },
......@@ -227,19 +185,16 @@ function postNewBackgroundColor(newBackgroundColor) {
function APIFollowOrUnfollowUser(followOrUnfollow,user_id,this_element,actionOnSuccess) {
if(followOrUnfollow == 'follow') {
var postRequest = 'friendships/create.json';
var postRequest = 'friendships/create.json?t=' + timeNow();
}
else if (followOrUnfollow == 'unfollow') {
var postRequest = 'friendships/destroy.json';
var postRequest = 'friendships/destroy.json?t=' + timeNow();
}
$.ajax({ url: window.qvitterApiRoot,
$.ajax({ url: window.apiRoot + postRequest,
type: "POST",
data: {
postRequest: postRequest,
user_id: user_id,
username: window.loginUsername,
password: window.loginPassword
user_id: user_id
},
dataType:"json",
error: function(data){ actionOnSuccess(false,this_element); console.log(data); },
......@@ -259,13 +214,10 @@ function APIFollowOrUnfollowUser(followOrUnfollow,user_id,this_element,actionOnS
· · · · · · · · · · · · · */
function APIJoinOrLeaveGroup(joinOrLeave,group_id,this_element,actionOnSuccess) {
$.ajax({ url: window.qvitterApiRoot,
$.ajax({ url: window.apiRoot + 'statusnet/groups/' + joinOrLeave + '.json?t=' + timeNow(),
type: "POST",
data: {
postRequest: 'statusnet/groups/' + joinOrLeave + '.json',
id: group_id,
username: window.loginUsername,
password: window.loginPassword
id: group_id
},
dataType:"json",
error: function(data){ actionOnSuccess(false,this_element); console.log(data); },
......@@ -285,14 +237,11 @@ function APIJoinOrLeaveGroup(joinOrLeave,group_id,this_element,actionOnSuccess)
· · · · · · · · · · · · · */
function postReplyToAPI(queetText_txt, in_reply_to_status_id, actionOnSuccess) {
$.ajax({ url: window.qvitterApiRoot,
$.ajax({ url: window.apiRoot + 'statuses/update.json?t=' + timeNow(),
type: "POST",
data: {
postRequest: 'statuses/update.json',
status: queetText_txt,
source: 'Qvitter',
username: window.loginUsername,
password: window.loginPassword,
in_reply_to_status_id: in_reply_to_status_id
},
dataType:"json",
......@@ -314,13 +263,10 @@ function postReplyToAPI(queetText_txt, in_reply_to_status_id, actionOnSuccess) {
· · · · · · · · · · · · · */
function postActionToAPI(action, actionOnSuccess) {
$.ajax({ url: window.qvitterApiRoot,
$.ajax({ url: window.apiRoot + action + qOrAmp(action) + 't=' + timeNow(),
type: "POST",
data: {
postRequest: action,
source: 'Qvitter',
username: window.loginUsername,
password: window.loginPassword
source: 'Qvitter'
},
dataType:"json",
error: function(data){ actionOnSuccess(false); console.log(data); },
......@@ -373,13 +319,8 @@ function unRequeet(this_stream_item, this_action, my_rq_id) {
function getFavsOrRequeetsForQueet(apiaction,qid,actionOnSuccess) {
if(apiaction=="requeets") { apiaction="retweets"; } // we might mix this up...
$.ajax({ url: window.qvitterApiRoot,
type: "POST",
data: {
getRequest: "statuses/" + apiaction + "/" + qid + ".json",
username: window.loginUsername,
password: window.loginPassword
},
$.ajax({ url: window.apiRoot + "statuses/" + apiaction + "/" + qid + ".json?t=" + timeNow(),
type: "GET",
dataType: 'json',
success: function(data) {
if(data.length > 0) {
......
This diff is collapsed.
This diff is collapsed.
......@@ -381,7 +381,7 @@ function placeCaretAtEnd(el) {
function updateHistoryLocalStorage() {
if(localStorageIsEnabled()) {
var i=0;
var localStorageName = window.loginUsername + '-history-container-v2';
var localStorageName = window.loggedIn.screen_name + '-history-container-v2';
var historyContainer = new Object();
$.each($('#history-container .stream-selection'), function(key,obj) {
historyContainer[i] = new Object();
......@@ -410,7 +410,7 @@ function updateHistoryLocalStorage() {
function loadHistoryFromLocalStorage() {
if(localStorageIsEnabled()) {
var localStorageName = window.loginUsername + '-history-container-v2';
var localStorageName = window.loggedIn.screen_name + '-history-container-v2';
if(typeof localStorage[localStorageName] != "undefined") {
$('#history-container').css('display','block');
$('#history-container').html('');
......@@ -452,35 +452,37 @@ function qOrAmp(stream) {
· · · · · · · · · · · · · */
function countCharsInQueetBox(src,trgt,btn) {
var numchars = $.trim(src).length;
trgt.html(140 - numchars);
// activate/deactivare button
if(numchars > 0 && numchars < 141) {
btn.removeClass('disabled');
btn.addClass('enabled');
// deactivate button if it's equal to the start text
var startText = btn.closest('.inline-reply-queetbox').children('.queet-box-template').attr('data-start-text');
if(typeof startText != 'undefined') {
if($.trim(startText) == $.trim(src)) {
btn.removeClass('enabled');
btn.addClass('disabled');
if(window.textLimit > 0) {
var numchars = $.trim(src).length;
trgt.html(window.textLimit - numchars);
// activate/deactivare button
if(numchars > 0 && numchars < window.textLimit+1) {
btn.removeClass('disabled');
btn.addClass('enabled');
// deactivate button if it's equal to the start text
var startText = btn.closest('.inline-reply-queetbox').children('.queet-box-template').attr('data-start-text');
if(typeof startText != 'undefined') {
if($.trim(startText) == $.trim(src)) {
btn.removeClass('enabled');
btn.addClass('disabled');
}
}
}
}
else {
btn.removeClass('enabled');
btn.addClass('disabled');
}
else {
btn.removeClass('enabled');
btn.addClass('disabled');
}
// counter color
if((140-numchars) < 0) {
trgt.css('color','#D40D12');
}
else {
trgt.removeAttr('style');
// counter color
if((window.textLimit-numchars) < 0) {
trgt.css('color','#D40D12');
}
else {
trgt.removeAttr('style');
}
}
}
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment