Disable third-party registrations

Evert Prants 2019-08-08 15:33:58 +03:00
parent 47cfde3475
commit a7289af257
Signed by: evert
GPG Key ID: 1688DA83D222D0B5
5 changed files with 58 additions and 42 deletions


@ -43,23 +43,27 @@
[redis]
port=6379
# Uncomment if you want to be using Twitter authentication
[twitter]
# api=""
# api_secret=""
[external]
# Set to true if you allow registrations from the following services
registrations=false
# Uncomment if you want to be using Facebook authentication
[facebook]
# client=""
# Uncomment if you want to be using Twitter authentication
[external.twitter]
# api=""
# api_secret=""
# Uncomment if you want to be using Discord authentication
[discord]
# api=""
# api_secret=""
# Uncomment if you want to be using Facebook authentication
[external.facebook]
# client=""
[google]
# api=""
# api_secret=""
# Uncomment if you want to be using Discord authentication
[external.discord]
# api=""
# api_secret=""
[external.google]
# api=""
# api_secret=""
# reCAPTCHA configuration
[security]


@ -56,6 +56,7 @@ const API = {
},
// Create a new user
newUser: async (service, identifier, data) => {
if (config.external.registrations !== true) throw new Error('Registrations from third-party websites are not allowed.')
let udataLimited = Object.assign({
activated: 1,
created_at: new Date(),
@ -239,8 +240,8 @@ const API = {
twitterApp = new oauth.PromiseOAuth(
'https://api.twitter.com/oauth/request_token',
'https://api.twitter.com/oauth/access_token',
config.twitter.api,
config.twitter.api_secret,
config.external.twitter.api,
config.external.twitter.api_secret,
'1.0A',
redirectUri,
'HMAC-SHA1'
@ -360,8 +361,8 @@ const API = {
oauth2App: function () {
if (discordApp) return
discordApp = new oauth.PromiseOAuth2(
config.discord.api,
config.discord.api_secret,
config.external.discord.api,
config.external.discord.api_secret,
'https://discordapp.com/api/',
'oauth2/authorize',
'oauth2/token'
@ -375,7 +376,7 @@ const API = {
let redirectUri = config.server.domain + '/api/external/discord/callback'
const params = {
'client_id': config.discord.api,
'client_id': config.external.discord.api,
'redirect_uri': redirectUri,
'scope': 'identify email',
'response_type': 'code',
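Review bot: The new guard at the top of `newUser` dereferences `config.external` without checking that the section exists, so a deployment still on the old config layout (top-level `[twitter]`, `[discord]`, …) gets a TypeError instead of the intended "not allowed" error. Registration is still refused, but the message is misleading, and the same unguarded access recurs in the Twitter and Discord hunks (`config.external.twitter.api`, `config.external.discord.api`), whose enclosing functions start outside the hunks. I would write the guard as `if (!config.external || config.external.registrations !== true) throw new Error(...)`, matching the `if (!et) return next()` check the router uses. Enforcing this in `newUser` rather than only hiding the buttons is the right layer; whether the OAuth callback routes turn this error into a handled response is not visible here and is worth confirming.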


@ -102,24 +102,34 @@ router.get('/', (req, res) => {
})
// Add social media login buttons
function extraButtons (req, res, next) {
if (config.twitter && config.twitter.api) {
res.locals.twitter_auth = true
}
function extraButtons (recheck) {
let et = config.external
return function (req, res, next) {
if (!et) return next()
res.locals.auth = {
registrations: et.registrations
}
if (config.discord && config.discord.api) {
res.locals.discord_auth = true
}
if (recheck && et.registrations !== true) return next()
if (config.facebook && config.facebook.client) {
res.locals.facebook_auth = config.facebook.client
}
if (et.twitter && et.twitter.api) {
res.locals.auth.twitter = true
}
if (config.google && config.google.api) {
res.locals.google_auth = config.google.api
}
if (et.discord && et.discord.api) {
res.locals.auth.discord = true
}
next()
if (et.facebook && et.facebook.client) {
res.locals.auth.facebook = et.facebook.client
}
if (et.google && et.google.api) {
res.locals.auth.google = et.google.api
}
next()
}
}
// Retrieve form data if formError was called
@ -136,7 +146,7 @@ function formKeep (req, res, next) {
}
// Password reset request endpoint
router.get('/login/reset', extraButtons, (req, res) => {
router.get('/login/reset', extraButtons(false), (req, res) => {
if (req.session.user) return redirectLogin(req, res)
res.render('user/reset_password', {sent: req.query.success != null})
@ -157,7 +167,7 @@ router.get('/reset/:token', wrap(async (req, res) => {
res.render('user/password_new', {token: true})
}))
router.get('/login', extraButtons, (req, res) => {
router.get('/login', extraButtons(false), (req, res) => {
if (req.session.user) return redirectLogin(req, res)
if (req.query.returnTo) {
@ -167,7 +177,7 @@ router.get('/login', extraButtons, (req, res) => {
res.render('user/login')
})
router.get('/register', extraButtons, formKeep, (req, res) => {
router.get('/register', extraButtons(true), formKeep, (req, res) => {
if (req.session.user) return redirectLogin(req, res)
if (config.security.recaptcha && config.security.recaptcha.site_key) {
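Review bot: The `recheck` parameter of `extraButtons` is undocumented, and the call sites `extraButtons(false)` and `extraButtons(true)` do not say what is being toggled. I would replace the comment above the function with something like `// Expose configured third-party login providers to the view as res.locals.auth; with recheck=true the providers are omitted when external registrations are disabled`. The comment should also state that this middleware only decides which buttons render and that the actual enforcement is the check in `newUser`, so the flag is not later mistaken for an access control. `config.external` is read once when the factory is called, so a changed config presumably needs a restart to take effect.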


@ -1,5 +1,5 @@
.external-login
if facebook_auth
if auth.facebook
div#fb-root
script.
window.fbAsyncInit = function() {
@ -20,7 +20,7 @@
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
fb:login-button(scope="public_profile,email", onlogin="checkLoginState();" data-max-rows="1", data-size="large", data-button-type="login_with", data-show-faces="false", data-auto-logout-link="false", data-use-continue-as="false")
if google_auth
if auth.google
script(src="https://apis.google.com/js/api:client.js")
a.login-btn.google-login.float-lg-right
i.fa.fa-fw.fa-google
@ -59,11 +59,11 @@
}
startApp()
if twitter_auth
if auth.twitter
a.login-btn.twitter-login.login-dialog-pop.float-lg-right(href="/api/external/twitter/login")
i.fa.fa-fw.fa-twitter
span Log in With Twitter
if discord_auth
if auth.discord
a.login-btn.discord-login.login-dialog-pop.float-lg-right(href="/api/external/discord/login")
img(src="/static/image/discord.svg")
span Log in With Discord


@ -26,5 +26,6 @@ block body
a(href="/register") Create an account
| ·
a(href="/login/reset") Forgot password?
aside.col-sm-4
include ../includes/external.pug
if auth
aside.col-sm-4
include ../includes/external.pug
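Review bot: The `if auth` guard is true whenever the `[external]` section exists, because the middleware always assigns `res.locals.auth = { registrations: ... }` before looking at any provider, so the aside still renders empty when no provider is configured. Testing the providers themselves, e.g. `if auth && (auth.twitter || auth.discord || auth.facebook || auth.google)`, would keep the column out of the page in that case.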