mirror of
https://github.com/simple-login/app.git
synced 2024-09-28 20:51:29 +02:00
Merge pull request #57 from simple-login/disable-registration
set DISABLE_REGISTRATION param to disable registration
This commit is contained in:
commit
9489561f3f
@ -6,7 +6,12 @@ from requests_oauthlib.compliance_fixes import facebook_compliance_fix
|
|||||||
from app import email_utils
|
from app import email_utils
|
||||||
from app.auth.base import auth_bp
|
from app.auth.base import auth_bp
|
||||||
from app.auth.views.google import create_file_from_url
|
from app.auth.views.google import create_file_from_url
|
||||||
from app.config import URL, FACEBOOK_CLIENT_ID, FACEBOOK_CLIENT_SECRET
|
from app.config import (
|
||||||
|
URL,
|
||||||
|
FACEBOOK_CLIENT_ID,
|
||||||
|
FACEBOOK_CLIENT_SECRET,
|
||||||
|
DISABLE_REGISTRATION,
|
||||||
|
)
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User
|
from app.models import User
|
||||||
@ -103,6 +108,10 @@ def facebook_callback():
|
|||||||
|
|
||||||
# create user
|
# create user
|
||||||
else:
|
else:
|
||||||
|
if DISABLE_REGISTRATION:
|
||||||
|
flash("Registration is closed", "error")
|
||||||
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
if not can_be_used_as_personal_email(email):
|
if not can_be_used_as_personal_email(email):
|
||||||
flash(
|
flash(
|
||||||
f"You cannot use {email} as your personal inbox.", "error",
|
f"You cannot use {email} as your personal inbox.", "error",
|
||||||
|
@ -5,7 +5,7 @@ from requests_oauthlib import OAuth2Session
|
|||||||
from app import email_utils
|
from app import email_utils
|
||||||
from app.auth.base import auth_bp
|
from app.auth.base import auth_bp
|
||||||
from app.auth.views.login_utils import after_login
|
from app.auth.views.login_utils import after_login
|
||||||
from app.config import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, URL
|
from app.config import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, URL, DISABLE_REGISTRATION
|
||||||
from app.email_utils import can_be_used_as_personal_email
|
from app.email_utils import can_be_used_as_personal_email
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
@ -85,6 +85,10 @@ def github_callback():
|
|||||||
|
|
||||||
# create user
|
# create user
|
||||||
if not user:
|
if not user:
|
||||||
|
if DISABLE_REGISTRATION:
|
||||||
|
flash("Registration is closed", "error")
|
||||||
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
if not can_be_used_as_personal_email(email):
|
if not can_be_used_as_personal_email(email):
|
||||||
flash(
|
flash(
|
||||||
f"You cannot use {email} as your personal inbox.", "error",
|
f"You cannot use {email} as your personal inbox.", "error",
|
||||||
|
@ -4,7 +4,7 @@ from requests_oauthlib import OAuth2Session
|
|||||||
|
|
||||||
from app import s3, email_utils
|
from app import s3, email_utils
|
||||||
from app.auth.base import auth_bp
|
from app.auth.base import auth_bp
|
||||||
from app.config import URL, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET
|
from app.config import URL, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, DISABLE_REGISTRATION
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User, File
|
from app.models import User, File
|
||||||
@ -93,6 +93,10 @@ def google_callback():
|
|||||||
db.session.commit()
|
db.session.commit()
|
||||||
# create user
|
# create user
|
||||||
else:
|
else:
|
||||||
|
if DISABLE_REGISTRATION:
|
||||||
|
flash("Registration is closed", "error")
|
||||||
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
if not can_be_used_as_personal_email(email):
|
if not can_be_used_as_personal_email(email):
|
||||||
flash(
|
flash(
|
||||||
f"You cannot use {email} as your personal inbox.", "error",
|
f"You cannot use {email} as your personal inbox.", "error",
|
||||||
|
@ -3,9 +3,9 @@ from flask_login import current_user
|
|||||||
from flask_wtf import FlaskForm
|
from flask_wtf import FlaskForm
|
||||||
from wtforms import StringField, validators
|
from wtforms import StringField, validators
|
||||||
|
|
||||||
from app import email_utils
|
from app import email_utils, config
|
||||||
from app.auth.base import auth_bp
|
from app.auth.base import auth_bp
|
||||||
from app.config import URL
|
from app.config import URL, DISABLE_REGISTRATION
|
||||||
from app.email_utils import can_be_used_as_personal_email
|
from app.email_utils import can_be_used_as_personal_email
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
@ -27,6 +27,10 @@ def register():
|
|||||||
flash("You are already logged in", "warning")
|
flash("You are already logged in", "warning")
|
||||||
return redirect(url_for("dashboard.index"))
|
return redirect(url_for("dashboard.index"))
|
||||||
|
|
||||||
|
if config.DISABLE_REGISTRATION:
|
||||||
|
flash("Registration is closed", "error")
|
||||||
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
form = RegisterForm(request.form)
|
form = RegisterForm(request.form)
|
||||||
next_url = request.args.get("next")
|
next_url = request.args.get("next")
|
||||||
|
|
||||||
|
@ -54,6 +54,8 @@ except Exception:
|
|||||||
# allow to override postfix server locally
|
# allow to override postfix server locally
|
||||||
POSTFIX_SERVER = os.environ.get("POSTFIX_SERVER", "240.0.0.1")
|
POSTFIX_SERVER = os.environ.get("POSTFIX_SERVER", "240.0.0.1")
|
||||||
|
|
||||||
|
DISABLE_REGISTRATION = "DISABLE_REGISTRATION" in os.environ
|
||||||
|
|
||||||
if "OTHER_ALIAS_DOMAINS" in os.environ:
|
if "OTHER_ALIAS_DOMAINS" in os.environ:
|
||||||
OTHER_ALIAS_DOMAINS = eval(
|
OTHER_ALIAS_DOMAINS = eval(
|
||||||
os.environ["OTHER_ALIAS_DOMAINS"]
|
os.environ["OTHER_ALIAS_DOMAINS"]
|
||||||
|
@ -25,7 +25,10 @@ SUPPORT_NAME=Son from SimpleLogin
|
|||||||
# ADMIN_EMAIL=admin@sl.local
|
# ADMIN_EMAIL=admin@sl.local
|
||||||
|
|
||||||
# Max number emails user can generate for free plan
|
# Max number emails user can generate for free plan
|
||||||
MAX_NB_EMAIL_FREE_PLAN=3
|
MAX_NB_EMAIL_FREE_PLAN=5
|
||||||
|
|
||||||
|
# Close registration. Avoid people accidentally creating new account on a self-hosted SimpleLogin
|
||||||
|
# DISABLE_REGISTRATION=1
|
||||||
|
|
||||||
# custom domain needs to point to these MX servers
|
# custom domain needs to point to these MX servers
|
||||||
EMAIL_SERVERS_WITH_PRIORITY=[(10, "email.hostname.")]
|
EMAIL_SERVERS_WITH_PRIORITY=[(10, "email.hostname.")]
|
||||||
|
28
tests/auth/test_register.py
Normal file
28
tests/auth/test_register.py
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
from flask import url_for
|
||||||
|
|
||||||
|
|
||||||
|
def test_register_success(flask_client):
|
||||||
|
"""User arrives at the waiting activation page."""
|
||||||
|
r = flask_client.post(
|
||||||
|
url_for("auth.register"),
|
||||||
|
data={"email": "a@b.c", "password": "password"},
|
||||||
|
follow_redirects=True,
|
||||||
|
)
|
||||||
|
|
||||||
|
assert r.status_code == 200
|
||||||
|
assert b"An email to validate your email is on its way" in r.data
|
||||||
|
|
||||||
|
|
||||||
|
def test_register_disabled(flask_client):
|
||||||
|
"""User cannot create new account when DISABLE_REGISTRATION."""
|
||||||
|
from app import config
|
||||||
|
|
||||||
|
config.DISABLE_REGISTRATION = True
|
||||||
|
|
||||||
|
r = flask_client.post(
|
||||||
|
url_for("auth.register"),
|
||||||
|
data={"email": "a@b.c", "password": "password"},
|
||||||
|
follow_redirects=True,
|
||||||
|
)
|
||||||
|
|
||||||
|
assert b"Registration is closed" in r.data
|
Loading…
Reference in New Issue
Block a user