planiverse

A minimalist, no-JS front-end for Mastodon.
git clone https://git.mulligrubs.me/planiverse
Log | Files | Refs | README | LICENSE

commit f8732716758c21995aff9157f43a512be438df83
parent 24dc518fc3ce55611f4ade415c25f5a190b8c2ab
Author: St John Karp <stjohn@fuzzjunket.com>
Date:   Mon,  8 Oct 2018 07:13:34 -0700

Send token when querying a status

If the user is logged in, send their token when querying for a status.
This prevents the API returning a 404 when the status being queried
is private or direct.

Diffstat:
Mapp/Http/Controllers/StatusController.php | 17+++++++++++++++--
1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/StatusController.php b/app/Http/Controllers/StatusController.php @@ -22,8 +22,21 @@ class StatusController extends Controller // If the status hasn't been returned from performing an action, // we need to query for it. - $status = Mastodon::domain(env('MASTODON_DOMAIN')) - ->get('/statuses/' . $status_id); + if (session()->has('user')) + { + // If the user is logged in, send the token to ensure they + // can see private and direct statuses. Otherwise the API + // returns a 404. + + $status = Mastodon::domain(env('MASTODON_DOMAIN')) + ->token(session('user')->token) + ->get('/statuses/' . $status_id); + } + else + { + $status = Mastodon::domain(env('MASTODON_DOMAIN')) + ->get('/statuses/' . $status_id); + } } $vars = [