disable registrations

This commit is contained in:
Evert Prants 2022-08-22 20:39:31 +03:00
parent 9cebc2ca68
commit 6e90d40db4
Signed by: evert
GPG Key ID: 1688DA83D222D0B5
5 changed files with 38 additions and 22 deletions

View File

@ -22,7 +22,7 @@ module.exports = {
'@typescript-eslint/explicit-module-boundary-types': 'off',
'@typescript-eslint/no-explicit-any': 'off',
'sort-imports': [
'warning',
0,
{
ignoreCase: false,
ignoreDeclarationSort: false,

View File

@ -20,6 +20,7 @@ export const configProviders: Provider<any>[] = [
// generate the following with crypto.randomBytes(256 / 8).toString('hex')
session_secret: 'change me!',
challenge_secret: 'change me!',
registrations: false,
},
email: {
from: 'no-reply@localhost',

View File

@ -7,9 +7,11 @@ import {
Render,
Req,
Res,
UnauthorizedException,
} from '@nestjs/common';
import { Throttle } from '@nestjs/throttler';
import { Request, Response } from 'express';
import { ConfigurationService } from 'src/modules/config/config.service';
import { UserService } from 'src/modules/objects/user/user.service';
import { FormUtilityService } from 'src/modules/utility/services/form-utility.service';
import { RegisterDto } from './register.interfaces';
@ -19,12 +21,15 @@ export class RegisterController {
constructor(
private readonly userService: UserService,
private readonly formUtil: FormUtilityService,
private readonly config: ConfigurationService,
) {}
@Get()
@Render('register')
public registerView(@Req() req: Request): Record<string, any> {
return this.formUtil.populateTemplate(req);
return this.formUtil.populateTemplate(req, {
registrationAuthorized: this.config.get<boolean>('app.registrations'),
});
}
@Post()
@ -38,6 +43,12 @@ export class RegisterController {
const { username, display_name, email, password, password_repeat } =
this.formUtil.trimmed(body, ['username', 'display_name', 'email']);
if (!this.config.get<boolean>('app.registrations')) {
throw new UnauthorizedException(
'Registrations are disabled by administrator.',
);
}
try {
if (
!username ||

View File

@ -14,7 +14,6 @@ declare global {
declare module 'express-session' {
interface SessionData {
csrf?: string;
user?: string;
challenge?: string;
flash?: Record<string, any>;

View File

@ -16,6 +16,7 @@ block body
.alert.alert-success
span #{message.text}
if registrationAuthorized
form(method="post")
div.form-container
input#csrf(type="hidden", name="_csrf", value=csrf)
@ -41,3 +42,7 @@ block body
button.btn.btn-primary(type="submit") Create a new account
a.btn.btn-link.align-self-end(type="button" href="/login") Log in instead
else
.alert.alert-danger
span Registrations are currently disabled. Sorry!
a.btn.btn-link.align-self-end(type="button" href="/login") Home