mirror of
https://github.com/hoernschen/dendrite.git
synced 2024-12-29 08:18:27 +00:00
Add config option to disable registration (#360)
This commit is contained in:
parent
791a5ee7f4
commit
7236090989
2 changed files with 40 additions and 17 deletions
|
@ -222,6 +222,11 @@ func handleRegistrationFlow(
|
||||||
// TODO: Handle mapping registrationRequest parameters into session parameters
|
// TODO: Handle mapping registrationRequest parameters into session parameters
|
||||||
|
|
||||||
// TODO: email / msisdn / recaptcha auth types.
|
// TODO: email / msisdn / recaptcha auth types.
|
||||||
|
|
||||||
|
if cfg.Matrix.RegistrationDisabled && r.Auth.Type != authtypes.LoginTypeSharedSecret {
|
||||||
|
return util.MessageResponse(403, "Registration has been disabled")
|
||||||
|
}
|
||||||
|
|
||||||
switch r.Auth.Type {
|
switch r.Auth.Type {
|
||||||
case authtypes.LoginTypeSharedSecret:
|
case authtypes.LoginTypeSharedSecret:
|
||||||
if cfg.Matrix.RegistrationSharedSecret == "" {
|
if cfg.Matrix.RegistrationSharedSecret == "" {
|
||||||
|
@ -277,33 +282,19 @@ func LegacyRegister(
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
var r legacyRegisterRequest
|
var r legacyRegisterRequest
|
||||||
resErr := httputil.UnmarshalJSONRequest(req, &r)
|
resErr := parseAndValidateLegacyLogin(req, &r)
|
||||||
if resErr != nil {
|
if resErr != nil {
|
||||||
return *resErr
|
return *resErr
|
||||||
}
|
}
|
||||||
|
|
||||||
// Squash username to all lowercase letters
|
|
||||||
r.Username = strings.ToLower(r.Username)
|
|
||||||
|
|
||||||
if resErr = validateUserName(r.Username); resErr != nil {
|
|
||||||
return *resErr
|
|
||||||
}
|
|
||||||
if resErr = validatePassword(r.Password); resErr != nil {
|
|
||||||
return *resErr
|
|
||||||
}
|
|
||||||
|
|
||||||
logger := util.GetLogger(req.Context())
|
logger := util.GetLogger(req.Context())
|
||||||
logger.WithFields(log.Fields{
|
logger.WithFields(log.Fields{
|
||||||
"username": r.Username,
|
"username": r.Username,
|
||||||
"auth.type": r.Type,
|
"auth.type": r.Type,
|
||||||
}).Info("Processing registration request")
|
}).Info("Processing registration request")
|
||||||
|
|
||||||
// All registration requests must specify what auth they are using to perform this request
|
if cfg.Matrix.RegistrationDisabled && r.Type != authtypes.LoginTypeSharedSecret {
|
||||||
if r.Type == "" {
|
return util.MessageResponse(403, "Registration has been disabled")
|
||||||
return util.JSONResponse{
|
|
||||||
Code: 400,
|
|
||||||
JSON: jsonerror.BadJSON("invalid type"),
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
switch r.Type {
|
switch r.Type {
|
||||||
|
@ -333,6 +324,35 @@ func LegacyRegister(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// parseAndValidateLegacyLogin parses the request into r and checks that the
|
||||||
|
// request is valid (e.g. valid user names, etc)
|
||||||
|
func parseAndValidateLegacyLogin(req *http.Request, r *legacyRegisterRequest) *util.JSONResponse {
|
||||||
|
resErr := httputil.UnmarshalJSONRequest(req, &r)
|
||||||
|
if resErr != nil {
|
||||||
|
return resErr
|
||||||
|
}
|
||||||
|
|
||||||
|
// Squash username to all lowercase letters
|
||||||
|
r.Username = strings.ToLower(r.Username)
|
||||||
|
|
||||||
|
if resErr = validateUserName(r.Username); resErr != nil {
|
||||||
|
return resErr
|
||||||
|
}
|
||||||
|
if resErr = validatePassword(r.Password); resErr != nil {
|
||||||
|
return resErr
|
||||||
|
}
|
||||||
|
|
||||||
|
// All registration requests must specify what auth they are using to perform this request
|
||||||
|
if r.Type == "" {
|
||||||
|
return &util.JSONResponse{
|
||||||
|
Code: 400,
|
||||||
|
JSON: jsonerror.BadJSON("invalid type"),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
func completeRegistration(
|
func completeRegistration(
|
||||||
ctx context.Context,
|
ctx context.Context,
|
||||||
accountDB *accounts.Database,
|
accountDB *accounts.Database,
|
||||||
|
|
|
@ -83,6 +83,9 @@ type Dendrite struct {
|
||||||
// If set, allows registration by anyone who also has the shared
|
// If set, allows registration by anyone who also has the shared
|
||||||
// secret, even if registration is otherwise disabled.
|
// secret, even if registration is otherwise disabled.
|
||||||
RegistrationSharedSecret string `yaml:"registration_shared_secret"`
|
RegistrationSharedSecret string `yaml:"registration_shared_secret"`
|
||||||
|
// If set disables new users from registering (except via shared
|
||||||
|
// secrets)
|
||||||
|
RegistrationDisabled bool `yaml:"registration_disabled"`
|
||||||
} `yaml:"matrix"`
|
} `yaml:"matrix"`
|
||||||
|
|
||||||
// The configuration specific to the media repostitory.
|
// The configuration specific to the media repostitory.
|
||||||
|
|
Loading…
Reference in a new issue