diff --git a/.eslintrc.js b/.eslintrc.js
index 81f311c..1e522c0 100644
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -22,7 +22,7 @@ module.exports = {
 '@typescript-eslint/explicit-module-boundary-types': 'off',
 '@typescript-eslint/no-explicit-any': 'off',
 'sort-imports': [
- 'warning',
+ 0,
 {
 ignoreCase: false,
 ignoreDeclarationSort: false,
diff --git a/src/modules/config/config.providers.ts b/src/modules/config/config.providers.ts
index a7b8555..af899a1 100644
--- a/src/modules/config/config.providers.ts
+++ b/src/modules/config/config.providers.ts
@@ -20,6 +20,7 @@ export const configProviders: Provider[] = [
 // generate the following with crypto.randomBytes(256 / 8).toString('hex')
 session_secret: 'change me!',
 challenge_secret: 'change me!',
+ registrations: false,
 },
 email: {
 from: 'no-reply@localhost',
diff --git a/src/modules/features/register/register.controller.ts b/src/modules/features/register/register.controller.ts
index 1b49d36..31170ad 100644
--- a/src/modules/features/register/register.controller.ts
+++ b/src/modules/features/register/register.controller.ts
@@ -7,9 +7,11 @@ import {
 Render,
 Req,
 Res,
+ UnauthorizedException,
 } from '@nestjs/common';
 import { Throttle } from '@nestjs/throttler';
 import { Request, Response } from 'express';
+import { ConfigurationService } from 'src/modules/config/config.service';
 import { UserService } from 'src/modules/objects/user/user.service';
 import { FormUtilityService } from 'src/modules/utility/services/form-utility.service';
 import { RegisterDto } from './register.interfaces';
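Review bot: Replacing `'warning'` with `0` in the `.eslintrc.js` hunk switches `sort-imports` off altogether while its options object stays in place. `'warning'` is not a severity ESLint accepts (`'off'`/`'warn'`/`'error'` or 0/1/2), so the old value was probably a typo. If the rule is meant to stay advisory, use `'warn',`; if it is meant to be off, the options can be removed as well. The change is unrelated to the registration switch and would be easier to track in its own commit.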
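Review bot: The new `registrations` key in `config.providers.ts` has no comment, although it sits directly under the `change me!` placeholder secrets and decides who can create accounts. A one-line comment would help, for example `// allow public sign-ups; the register controller rejects POSTs while this is false`. Defaulting to `false` is the fail-closed choice. The enclosing object starts and ends outside the hunk.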
@@ -19,12 +21,15 @@ export class RegisterController {
 constructor(
 private readonly userService: UserService,
 private readonly formUtil: FormUtilityService,
+ private readonly config: ConfigurationService,
 ) {}
 @Get()
 @Render('register')
 public registerView(@Req() req: Request): Record {
- return this.formUtil.populateTemplate(req);
+ return this.formUtil.populateTemplate(req, {
+ registrationAuthorized: this.config.get('app.registrations'),
+ });
 }
 @Post()
@@ -38,6 +43,12 @@ export class RegisterController {
 const { username, display_name, email, password, password_repeat } =
 this.formUtil.trimmed(body, ['username', 'display_name', 'email']);
+ if (!this.config.get('app.registrations')) {
+ throw new UnauthorizedException(
+ 'Registrations are disabled by administrator.',
+ );
+ }
+
 try {
 if (
 !username ||
diff --git a/src/types/express-session.d.ts b/src/types/express-session.d.ts
index 46100d0..7529103 100644
--- a/src/types/express-session.d.ts
+++ b/src/types/express-session.d.ts
@@ -14,7 +14,6 @@ declare global {
 declare module 'express-session' {
 interface SessionData {
- csrf?: string;
 user?: string;
 challenge?: string;
 flash?: Record;
diff --git a/views/register.pug b/views/register.pug
index 2bd9a55..57a5edf 100644
--- a/views/register.pug
+++ b/views/register.pug
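Review bot: `this.config.get('app.registrations')` is handed to the template in `registerView` and tested with `!` in the POST guard of the next hunk, so any non-boolean value counts as enabled. How the configuration is loaded is not visible in this diff; if a file or environment override can deliver a string such as `'false'`, both places would treat registrations as open. Comparing explicitly makes the check fail closed: `registrationAuthorized: this.config.get('app.registrations') === true,` here and `if (this.config.get('app.registrations') !== true) {` in the guard.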
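Review bot: `UnauthorizedException` produces a 401, which tells the client that authenticating would help; for a feature the administrator has switched off, a 403 fits better: `throw new ForbiddenException('Registrations are disabled by administrator.');`, with the `@nestjs/common` import changed to match. The guard also sits after `this.formUtil.trimmed(body, ...)` and before the `try`, so the submitted body is already processed and the error presumably bypasses whatever handling the `try`/`catch` gives validation failures. Making the guard the first statement of the handler avoids touching the body at all. The handler starts and ends outside this hunk.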
@@ -16,28 +16,33 @@ block body
 .alert.alert-success
 span #{message.text}
- form(method="post")
- div.form-container
- input#csrf(type="hidden", name="_csrf", value=csrf)
+ if registrationAuthorized
+ form(method="post")
+ div.form-container
+ input#csrf(type="hidden", name="_csrf", value=csrf)
- label.form-label(for="username") Username
- input.form-control#username(type="text", name="username", placeholder="Username", autofocus, value=form.username)
- small.form-hint Between 3 and 26 English alphanumeric characters and .-_ only.
+ label.form-label(for="username") Username
+ input.form-control#username(type="text", name="username", placeholder="Username", autofocus, value=form.username)
+ small.form-hint Between 3 and 26 English alphanumeric characters and .-_ only.
- label.form-label(for="display_name") Display name
- input.form-control#display_name(type="text", name="display_name", placeholder="Display name", value=form.display_name)
- small.form-hint Maximum length is 32.
+ label.form-label(for="display_name") Display name
+ input.form-control#display_name(type="text", name="display_name", placeholder="Display name", value=form.display_name)
+ small.form-hint Maximum length is 32.
- label.form-label(for="email") Email address
- input.form-control#email(type="email", name="email", placeholder="Email address", value=form.email)
- small.form-hint You will need to verify your email address before you can log in.
+ label.form-label(for="email") Email address
+ input.form-control#email(type="email", name="email", placeholder="Email address", value=form.email)
+ small.form-hint You will need to verify your email address before you can log in.
- label.form-label(for="password") Password
- input.form-control#password(type="password", name="password", placeholder="Password", value=form.password)
- small.form-hint Must be at least 8 characters long, contain a capital and lowercase letter and a number.
+ label.form-label(for="password") Password
+ input.form-control#password(type="password", name="password", placeholder="Password", value=form.password)
+ small.form-hint Must be at least 8 characters long, contain a capital and lowercase letter and a number.
- label.form-label(for="password_repeat") Confirm password
- input.form-control#password_repeat(type="password", name="password_repeat", placeholder="Confirm password")
+ label.form-label(for="password_repeat") Confirm password
+ input.form-control#password_repeat(type="password", name="password_repeat", placeholder="Confirm password")
- button.btn.btn-primary(type="submit") Create a new account
- a.btn.btn-link.align-self-end(type="button" href="/login") Log in instead
+ button.btn.btn-primary(type="submit") Create a new account
+ a.btn.btn-link.align-self-end(type="button" href="/login") Log in instead
+ else
+ .alert.alert-danger
+ span Registrations are currently disabled. Sorry!
+ a.btn.btn-link.align-self-end(type="button" href="/login") Home
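Review bot: The form kept under `if registrationAuthorized` still emits `input#csrf(type="hidden", name="_csrf", value=csrf)`, while the same commit removes `csrf?: string` from `SessionData` in `express-session.d.ts`. Where the template's `csrf` value comes from is not visible in this diff, so it is worth confirming that `populateTemplate` still supplies a token; otherwise the hidden field renders empty. Hiding the form is presentation only; the POST guard in the controller is what enforces the setting. In the `else` branch the link to `/login` is labelled `Home`; `Log in` would match its target.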