Send token when querying a status

If the user is logged in, send their token when querying for a status. This prevents the API returning a 404 when the status being queried is private or direct.
2018-10-08 07:13:34 -07:00 · 2018-10-08 07:13:34 -07:00 · f873271675
parent 24dc518fc3
commit f873271675
1 changed files with 15 additions and 2 deletions
--- a/app/Http/Controllers/StatusController.php
+++ b/app/Http/Controllers/StatusController.php
@ -22,8 +22,21 @@ class StatusController extends Controller
            // If the status hasn't been returned from performing an action,
            // we need to query for it.

-            $status = Mastodon::domain(env('MASTODON_DOMAIN'))
-                ->get('/statuses/' . $status_id);
+            if (session()->has('user'))
+            {
+                // If the user is logged in, send the token to ensure they
+                // can see private and direct statuses. Otherwise the API
+                // returns a 404.
+
+                $status = Mastodon::domain(env('MASTODON_DOMAIN'))
+                    ->token(session('user')->token)
+                    ->get('/statuses/' . $status_id);
+            }
+            else
+            {
+                $status = Mastodon::domain(env('MASTODON_DOMAIN'))
+                    ->get('/statuses/' . $status_id);
+            }
        }

        $vars = [