disable registrations

.eslintrc.js

@@ -22,7 +22,7 @@ module.exports = {
     '@typescript-eslint/explicit-module-boundary-types': 'off',
     '@typescript-eslint/no-explicit-any': 'off',
     'sort-imports': [
-      'warning',
+      0,
       {
         ignoreCase: false,
         ignoreDeclarationSort: false,

src/modules/config/config.providers.ts

@@ -20,6 +20,7 @@ export const configProviders: Provider<any>[] = [
         // generate the following with crypto.randomBytes(256 / 8).toString('hex')
         session_secret: 'change me!',
         challenge_secret: 'change me!',
+        registrations: false,
       },
       email: {
         from: 'no-reply@localhost',

src/modules/features/register/register.controller.ts

@@ -7,9 +7,11 @@ import {
   Render,
   Req,
   Res,
+  UnauthorizedException,
 } from '@nestjs/common';
 import { Throttle } from '@nestjs/throttler';
 import { Request, Response } from 'express';
+import { ConfigurationService } from 'src/modules/config/config.service';
 import { UserService } from 'src/modules/objects/user/user.service';
 import { FormUtilityService } from 'src/modules/utility/services/form-utility.service';
 import { RegisterDto } from './register.interfaces';
@@ -19,12 +21,15 @@ export class RegisterController {
   constructor(
     private readonly userService: UserService,
     private readonly formUtil: FormUtilityService,
+    private readonly config: ConfigurationService,
   ) {}
 
   @Get()
   @Render('register')
   public registerView(@Req() req: Request): Record<string, any> {
-    return this.formUtil.populateTemplate(req);
+    return this.formUtil.populateTemplate(req, {
+      registrationAuthorized: this.config.get<boolean>('app.registrations'),
+    });
   }
 
   @Post()
@@ -38,6 +43,12 @@ export class RegisterController {
     const { username, display_name, email, password, password_repeat } =
       this.formUtil.trimmed(body, ['username', 'display_name', 'email']);
 
+    if (!this.config.get<boolean>('app.registrations')) {
+      throw new UnauthorizedException(
+        'Registrations are disabled by administrator.',
+      );
+    }
+
     try {
       if (
         !username ||

src/types/express-session.d.ts

@@ -14,7 +14,6 @@ declare global {
 
 declare module 'express-session' {
   interface SessionData {
-    csrf?: string;
     user?: string;
     challenge?: string;
     flash?: Record<string, any>;

views/register.pug

@@ -16,28 +16,33 @@ block body
           .alert.alert-success
             span #{message.text}
 
-      form(method="post")
+      if registrationAuthorized
-        div.form-container
+        form(method="post")
-          input#csrf(type="hidden", name="_csrf", value=csrf)
+          div.form-container
+            input#csrf(type="hidden", name="_csrf", value=csrf)
 
-          label.form-label(for="username") Username
+            label.form-label(for="username") Username
-          input.form-control#username(type="text", name="username", placeholder="Username", autofocus, value=form.username)
+            input.form-control#username(type="text", name="username", placeholder="Username", autofocus, value=form.username)
-          small.form-hint Between 3 and 26 English alphanumeric characters and .-_ only.
+            small.form-hint Between 3 and 26 English alphanumeric characters and .-_ only.
 
-          label.form-label(for="display_name") Display name
+            label.form-label(for="display_name") Display name
-          input.form-control#display_name(type="text", name="display_name", placeholder="Display name", value=form.display_name)
+            input.form-control#display_name(type="text", name="display_name", placeholder="Display name", value=form.display_name)
-          small.form-hint Maximum length is 32.
+            small.form-hint Maximum length is 32.
 
-          label.form-label(for="email") Email address
+            label.form-label(for="email") Email address
-          input.form-control#email(type="email", name="email", placeholder="Email address", value=form.email)
+            input.form-control#email(type="email", name="email", placeholder="Email address", value=form.email)
-          small.form-hint You will need to verify your email address before you can log in.
+            small.form-hint You will need to verify your email address before you can log in.
 
-          label.form-label(for="password") Password
+            label.form-label(for="password") Password
-          input.form-control#password(type="password", name="password", placeholder="Password", value=form.password)
+            input.form-control#password(type="password", name="password", placeholder="Password", value=form.password)
-          small.form-hint Must be at least 8 characters long, contain a capital and lowercase letter and a number.
+            small.form-hint Must be at least 8 characters long, contain a capital and lowercase letter and a number.
 
-          label.form-label(for="password_repeat") Confirm password
+            label.form-label(for="password_repeat") Confirm password
-          input.form-control#password_repeat(type="password", name="password_repeat", placeholder="Confirm password")
+            input.form-control#password_repeat(type="password", name="password_repeat", placeholder="Confirm password")
 
-          button.btn.btn-primary(type="submit") Create a new account
+            button.btn.btn-primary(type="submit") Create a new account
-          a.btn.btn-link.align-self-end(type="button" href="/login") Log in instead
+            a.btn.btn-link.align-self-end(type="button" href="/login") Log in instead
+      else
+        .alert.alert-danger
+          span Registrations are currently disabled. Sorry!
+            a.btn.btn-link.align-self-end(type="button" href="/login") Home