Disable third-party registrations
This commit is contained in:
parent
47cfde3475
commit
a7289af257
@ -43,21 +43,25 @@
|
||||
[redis]
|
||||
port=6379
|
||||
|
||||
[external]
|
||||
# Set to true if you allow registrations from the following services
|
||||
registrations=false
|
||||
|
||||
# Uncomment if you want to be using Twitter authentication
|
||||
[twitter]
|
||||
[external.twitter]
|
||||
# api=""
|
||||
# api_secret=""
|
||||
|
||||
# Uncomment if you want to be using Facebook authentication
|
||||
[facebook]
|
||||
[external.facebook]
|
||||
# client=""
|
||||
|
||||
# Uncomment if you want to be using Discord authentication
|
||||
[discord]
|
||||
[external.discord]
|
||||
# api=""
|
||||
# api_secret=""
|
||||
|
||||
[google]
|
||||
[external.google]
|
||||
# api=""
|
||||
# api_secret=""
|
||||
|
||||
|
@ -56,6 +56,7 @@ const API = {
|
||||
},
|
||||
// Create a new user
|
||||
newUser: async (service, identifier, data) => {
|
||||
if (config.external.registrations !== true) throw new Error('Registrations from third-party websites are not allowed.')
|
||||
let udataLimited = Object.assign({
|
||||
activated: 1,
|
||||
created_at: new Date(),
|
||||
@ -239,8 +240,8 @@ const API = {
|
||||
twitterApp = new oauth.PromiseOAuth(
|
||||
'https://api.twitter.com/oauth/request_token',
|
||||
'https://api.twitter.com/oauth/access_token',
|
||||
config.twitter.api,
|
||||
config.twitter.api_secret,
|
||||
config.external.twitter.api,
|
||||
config.external.twitter.api_secret,
|
||||
'1.0A',
|
||||
redirectUri,
|
||||
'HMAC-SHA1'
|
||||
@ -360,8 +361,8 @@ const API = {
|
||||
oauth2App: function () {
|
||||
if (discordApp) return
|
||||
discordApp = new oauth.PromiseOAuth2(
|
||||
config.discord.api,
|
||||
config.discord.api_secret,
|
||||
config.external.discord.api,
|
||||
config.external.discord.api_secret,
|
||||
'https://discordapp.com/api/',
|
||||
'oauth2/authorize',
|
||||
'oauth2/token'
|
||||
@ -375,7 +376,7 @@ const API = {
|
||||
let redirectUri = config.server.domain + '/api/external/discord/callback'
|
||||
|
||||
const params = {
|
||||
'client_id': config.discord.api,
|
||||
'client_id': config.external.discord.api,
|
||||
'redirect_uri': redirectUri,
|
||||
'scope': 'identify email',
|
||||
'response_type': 'code',
|
||||
|
@ -102,25 +102,35 @@ router.get('/', (req, res) => {
|
||||
})
|
||||
|
||||
// Add social media login buttons
|
||||
function extraButtons (req, res, next) {
|
||||
if (config.twitter && config.twitter.api) {
|
||||
res.locals.twitter_auth = true
|
||||
function extraButtons (recheck) {
|
||||
let et = config.external
|
||||
return function (req, res, next) {
|
||||
if (!et) return next()
|
||||
res.locals.auth = {
|
||||
registrations: et.registrations
|
||||
}
|
||||
|
||||
if (config.discord && config.discord.api) {
|
||||
res.locals.discord_auth = true
|
||||
if (recheck && et.registrations !== true) return next()
|
||||
|
||||
if (et.twitter && et.twitter.api) {
|
||||
res.locals.auth.twitter = true
|
||||
}
|
||||
|
||||
if (config.facebook && config.facebook.client) {
|
||||
res.locals.facebook_auth = config.facebook.client
|
||||
if (et.discord && et.discord.api) {
|
||||
res.locals.auth.discord = true
|
||||
}
|
||||
|
||||
if (config.google && config.google.api) {
|
||||
res.locals.google_auth = config.google.api
|
||||
if (et.facebook && et.facebook.client) {
|
||||
res.locals.auth.facebook = et.facebook.client
|
||||
}
|
||||
|
||||
if (et.google && et.google.api) {
|
||||
res.locals.auth.google = et.google.api
|
||||
}
|
||||
|
||||
next()
|
||||
}
|
||||
}
|
||||
|
||||
// Retrieve form data if formError was called
|
||||
function formKeep (req, res, next) {
|
||||
@ -136,7 +146,7 @@ function formKeep (req, res, next) {
|
||||
}
|
||||
|
||||
// Password reset request endpoint
|
||||
router.get('/login/reset', extraButtons, (req, res) => {
|
||||
router.get('/login/reset', extraButtons(false), (req, res) => {
|
||||
if (req.session.user) return redirectLogin(req, res)
|
||||
|
||||
res.render('user/reset_password', {sent: req.query.success != null})
|
||||
@ -157,7 +167,7 @@ router.get('/reset/:token', wrap(async (req, res) => {
|
||||
res.render('user/password_new', {token: true})
|
||||
}))
|
||||
|
||||
router.get('/login', extraButtons, (req, res) => {
|
||||
router.get('/login', extraButtons(false), (req, res) => {
|
||||
if (req.session.user) return redirectLogin(req, res)
|
||||
|
||||
if (req.query.returnTo) {
|
||||
@ -167,7 +177,7 @@ router.get('/login', extraButtons, (req, res) => {
|
||||
res.render('user/login')
|
||||
})
|
||||
|
||||
router.get('/register', extraButtons, formKeep, (req, res) => {
|
||||
router.get('/register', extraButtons(true), formKeep, (req, res) => {
|
||||
if (req.session.user) return redirectLogin(req, res)
|
||||
|
||||
if (config.security.recaptcha && config.security.recaptcha.site_key) {
|
||||
|
@ -1,5 +1,5 @@
|
||||
.external-login
|
||||
if facebook_auth
|
||||
if auth.facebook
|
||||
div#fb-root
|
||||
script.
|
||||
window.fbAsyncInit = function() {
|
||||
@ -20,7 +20,7 @@
|
||||
fjs.parentNode.insertBefore(js, fjs);
|
||||
}(document, 'script', 'facebook-jssdk'));
|
||||
fb:login-button(scope="public_profile,email", onlogin="checkLoginState();" data-max-rows="1", data-size="large", data-button-type="login_with", data-show-faces="false", data-auto-logout-link="false", data-use-continue-as="false")
|
||||
if google_auth
|
||||
if auth.google
|
||||
script(src="https://apis.google.com/js/api:client.js")
|
||||
a.login-btn.google-login.float-lg-right
|
||||
i.fa.fa-fw.fa-google
|
||||
@ -59,11 +59,11 @@
|
||||
}
|
||||
|
||||
startApp()
|
||||
if twitter_auth
|
||||
if auth.twitter
|
||||
a.login-btn.twitter-login.login-dialog-pop.float-lg-right(href="/api/external/twitter/login")
|
||||
i.fa.fa-fw.fa-twitter
|
||||
span Log in With Twitter
|
||||
if discord_auth
|
||||
if auth.discord
|
||||
a.login-btn.discord-login.login-dialog-pop.float-lg-right(href="/api/external/discord/login")
|
||||
img(src="/static/image/discord.svg")
|
||||
span Log in With Discord
|
||||
|
@ -26,5 +26,6 @@ block body
|
||||
a(href="/register") Create an account
|
||||
| ·
|
||||
a(href="/login/reset") Forgot password?
|
||||
if auth
|
||||
aside.col-sm-4
|
||||
include ../includes/external.pug
|
||||
|
Reference in New Issue
Block a user