From d728426b451ae5c5b0b179264b00f6f3f4d4f6fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ferdinand=20M=C3=BCtsch?=
Date: Sat, 6 Feb 2021 10:59:12 +0100
Subject: [PATCH] chore: add config option to disable user registrations (resolve #113)
---
 Dockerfile | 1 +
 config.default.yml | 3 ++-
 config/config.go | 1 +
 routes/login.go | 6 ++++++
 version.txt | 2 +-
 5 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index a8cb3f5..6b157e5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -40,6 +40,7 @@ ENV WAKAPI_DB_NAME=/data/wakapi.db
 ENV WAKAPI_PASSWORD_SALT ''
 ENV WAKAPI_LISTEN_IPV4 '0.0.0.0'
 ENV WAKAPI_INSECURE_COOKIES 'true'
+ENV WAKAPI_ALLOW_SIGNUP 'true
 COPY --from=build-env /app .
diff --git a/config.default.yml b/config.default.yml
index 78b61a0..8b437aa 100644
--- a/config.default.yml
+++ b/config.default.yml
@@ -28,4 +28,5 @@ db:
 security:
 password_salt: # CHANGE !
 insecure_cookies: false
- cookie_max_age: 172800
\ No newline at end of file
+ cookie_max_age: 172800
+ allow_signup: true
\ No newline at end of file
diff --git a/config/config.go b/config/config.go
index 16f8ca9..daeac5f 100644
--- a/config/config.go
+++ b/config/config.go
@@ -48,6 +48,7 @@ type appConfig struct {
 }
 type securityConfig struct {
+ AllowSignup bool `yaml:"allow_signup" default:"true" env:"WAKAPI_ALLOW_SIGNUP"`
 // this is actually a pepper (https://en.wikipedia.org/wiki/Pepper_(cryptography))
 PasswordSalt string `yaml:"password_salt" default:"" env:"WAKAPI_PASSWORD_SALT"`
 InsecureCookies bool `yaml:"insecure_cookies" default:"false" env:"WAKAPI_INSECURE_COOKIES"`
diff --git a/routes/login.go b/routes/login.go
index af3113d..a1ff615 100644
--- a/routes/login.go
+++ b/routes/login.go
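Review bot: The added `ENV WAKAPI_ALLOW_SIGNUP 'true` line in the Dockerfile hunk is missing its closing single quote, unlike the `'true'` on the `WAKAPI_INSECURE_COOKIES` line just above it. Depending on how the builder treats an unterminated quote, the image either fails to build or carries a value that is not the literal `true`, so the container default for the signup switch is not what the commit intends. The line should read `ENV WAKAPI_ALLOW_SIGNUP 'true'`.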
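Review bot: In the config/config.go hunk, `AllowSignup` is a `bool` tagged `default:"true"`, and whether an operator's explicit `allow_signup: false` survives loading depends on how the config loader applies defaults, which this hunk does not show. If the loader fills in defaults for any field still at its zero value after parsing, `false` is indistinguishable from unset and registration would stay open despite the setting. It is worth adding a test that loads `allow_signup: false` (and `WAKAPI_ALLOW_SIGNUP=false`) and asserts the field ends up false; if it does not, an inverted flag with `default:"false"` avoids the problem. A short field comment such as `// AllowSignup controls whether new accounts may be registered` would also help, since the neighbouring field is documented.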
@@ -121,6 +121,12 @@ func (h *LoginHandler) PostSignup(w http.ResponseWriter, r *http.Request) {
 loadTemplates()
 }
+ if !h.config.IsDev() && !h.config.Security.AllowSignup {
+ w.WriteHeader(http.StatusForbidden)
+ templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("registration is disabled on this server"))
+ return
+ }
+
 if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
 http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
 return
diff --git a/version.txt b/version.txt
index be02b33..054c858 100644
--- a/version.txt
+++ b/version.txt
@@ -1 +1 @@
-1.22.4
\ No newline at end of file
+1.22.5
\ No newline at end of file
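Review bot: The new guard in PostSignup is skipped whenever `h.config.IsDev()` is true, so an instance running in dev mode keeps accepting registrations even with `allow_signup: false`. Unless that exemption is deliberate, the condition should be `if !h.config.Security.AllowSignup {`; if it is deliberate, a comment above the check should say so. Only the POST handler is guarded in this commit (the diffstat lists no other change in routes/login.go), so the signup form and any other account-creation path presumably still respond as before and should be checked against the same flag. PostSignup begins above and continues below this hunk.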