disable registrations

2022-08-22 20:39:31 +03:00 · 2022-08-22 20:39:31 +03:00 · 6e90d40db4
commit 6e90d40db4
parent 9cebc2ca68
5 changed files with 38 additions and 22 deletions
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -22,7 +22,7 @@ module.exports = {
    '@typescript-eslint/explicit-module-boundary-types': 'off',
    '@typescript-eslint/no-explicit-any': 'off',
    'sort-imports': [
-      'warning',
+      0,
      {
        ignoreCase: false,
        ignoreDeclarationSort: false,
--- a/src/modules/config/config.providers.ts
+++ b/src/modules/config/config.providers.ts
@ -20,6 +20,7 @@ export const configProviders: Provider<any>[] = [
        // generate the following with crypto.randomBytes(256 / 8).toString('hex')
        session_secret: 'change me!',
        challenge_secret: 'change me!',
+        registrations: false,
      },
      email: {
        from: 'no-reply@localhost',
--- a/src/modules/features/register/register.controller.ts
+++ b/src/modules/features/register/register.controller.ts
@ -7,9 +7,11 @@ import {
  Render,
  Req,
  Res,
+  UnauthorizedException,
 } from '@nestjs/common';
 import { Throttle } from '@nestjs/throttler';
 import { Request, Response } from 'express';
+import { ConfigurationService } from 'src/modules/config/config.service';
 import { UserService } from 'src/modules/objects/user/user.service';
 import { FormUtilityService } from 'src/modules/utility/services/form-utility.service';
 import { RegisterDto } from './register.interfaces';
@ -19,12 +21,15 @@ export class RegisterController {
  constructor(
    private readonly userService: UserService,
    private readonly formUtil: FormUtilityService,
+    private readonly config: ConfigurationService,
  ) {}

  @Get()
  @Render('register')
  public registerView(@Req() req: Request): Record<string, any> {
-    return this.formUtil.populateTemplate(req);
+    return this.formUtil.populateTemplate(req, {
+      registrationAuthorized: this.config.get<boolean>('app.registrations'),
+    });
  }

  @Post()
@ -38,6 +43,12 @@ export class RegisterController {
    const { username, display_name, email, password, password_repeat } =
      this.formUtil.trimmed(body, ['username', 'display_name', 'email']);

+    if (!this.config.get<boolean>('app.registrations')) {
+      throw new UnauthorizedException(
+        'Registrations are disabled by administrator.',
+      );
+    }
+
    try {
      if (
        !username ||
--- a/src/types/express-session.d.ts
+++ b/src/types/express-session.d.ts
@ -14,7 +14,6 @@ declare global {

 declare module 'express-session' {
  interface SessionData {
-    csrf?: string;
    user?: string;
    challenge?: string;
    flash?: Record<string, any>;
--- a/views/register.pug
+++ b/views/register.pug
@ -16,6 +16,7 @@ block body
          .alert.alert-success
            span #{message.text}

+      if registrationAuthorized
        form(method="post")
          div.form-container
            input#csrf(type="hidden", name="_csrf", value=csrf)
@ -41,3 +42,7 @@ block body

            button.btn.btn-primary(type="submit") Create a new account
            a.btn.btn-link.align-self-end(type="button" href="/login") Log in instead
+      else
+        .alert.alert-danger
+          span Registrations are currently disabled. Sorry!
+            a.btn.btn-link.align-self-end(type="button" href="/login") Home