// GoToSocial // Copyright (C) GoToSocial Authors admin@gotosocial.org // SPDX-License-Identifier: AGPL-3.0-or-later // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . package web import ( "context" "encoding/json" "errors" "fmt" "net/http" "strings" "github.com/gin-gonic/gin" "github.com/superseriousbusiness/gotosocial/internal/ap" apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/gtserror" "github.com/superseriousbusiness/gotosocial/internal/oauth" ) const ( // MaxStatusIDKey is for specifying the maximum ID of the status to retrieve. MaxStatusIDKey = "max_id" ) func (m *Module) profileGETHandler(c *gin.Context) { ctx := c.Request.Context() authed, err := oauth.Authed(c, false, false, false, false) if err != nil { apiutil.WebErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1) return } username := strings.ToLower(c.Param(usernameKey)) if username == "" { err := errors.New("no account username specified") apiutil.WebErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1) return } instance, err := m.processor.InstanceGetV1(ctx) if err != nil { apiutil.WebErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1) return } instanceGet := func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode) { return instance, nil } account, errWithCode := m.processor.Account().GetLocalByUsername(ctx, authed.Account, username) if errWithCode != nil { apiutil.WebErrorHandler(c, errWithCode, instanceGet) return } // if we're getting an AP request on this endpoint we // should render the account's AP representation instead accept := c.NegotiateFormat(string(apiutil.TextHTML), string(apiutil.AppActivityJSON), string(apiutil.AppActivityLDJSON)) if accept == string(apiutil.AppActivityJSON) || accept == string(apiutil.AppActivityLDJSON) { m.returnAPProfile(ctx, c, username, accept) return } var rssFeed string if account.EnableRSS { rssFeed = "/@" + account.Username + "/feed.rss" } // only allow search engines / robots to view this page if account is discoverable var robotsMeta string if account.Discoverable { robotsMeta = robotsMetaAllowSome } // We need to change our response slightly if the // profile visitor is paging through statuses. var ( paging bool pinnedResp = &apimodel.PageableResponse{} maxStatusID string ) if maxStatusIDString := c.Query(MaxStatusIDKey); maxStatusIDString != "" { maxStatusID = maxStatusIDString paging = true } statusResp, errWithCode := m.processor.Account().WebStatusesGet(ctx, account.ID, maxStatusID) if errWithCode != nil { apiutil.WebErrorHandler(c, errWithCode, instanceGet) return } // If we're not paging, then the profile visitor // is currently just opening the bare profile, so // load pinned statuses so we can show them at the // top of the profile. if !paging { pinnedResp, errWithCode = m.processor.Account().StatusesGet(ctx, authed.Account, account.ID, 0, false, false, "", "", true, false, false) if errWithCode != nil { apiutil.WebErrorHandler(c, errWithCode, instanceGet) return } } stylesheets := []string{ assetsPathPrefix + "/Fork-Awesome/css/fork-awesome.min.css", distPathPrefix + "/status.css", distPathPrefix + "/profile.css", } if config.GetAccountsAllowCustomCSS() { stylesheets = append(stylesheets, "/@"+account.Username+"/custom.css") } c.HTML(http.StatusOK, "profile.tmpl", gin.H{ "instance": instance, "account": account, "ogMeta": ogBase(instance).withAccount(account), "rssFeed": rssFeed, "robotsMeta": robotsMeta, "statuses": statusResp.Items, "statuses_next": statusResp.NextLink, "pinned_statuses": pinnedResp.Items, "show_back_to_top": paging, "stylesheets": stylesheets, "javascript": []string{distPathPrefix + "/frontend.js"}, }) } func (m *Module) returnAPProfile(ctx context.Context, c *gin.Context, username string, accept string) { verifier, signed := c.Get(string(ap.ContextRequestingPublicKeyVerifier)) if signed { ctx = context.WithValue(ctx, ap.ContextRequestingPublicKeyVerifier, verifier) } signature, signed := c.Get(string(ap.ContextRequestingPublicKeySignature)) if signed { ctx = context.WithValue(ctx, ap.ContextRequestingPublicKeySignature, signature) } user, errWithCode := m.processor.Fedi().UserGet(ctx, username, c.Request.URL) if errWithCode != nil { apiutil.WebErrorHandler(c, errWithCode, m.processor.InstanceGetV1) //nolint:contextcheck return } b, mErr := json.Marshal(user) if mErr != nil { err := fmt.Errorf("could not marshal json: %s", mErr) apiutil.WebErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1) //nolint:contextcheck return } c.Data(http.StatusOK, accept, b) }