Add new server setting to disable signup

2022-05-13 11:49:04 +01:00 · 2022-05-13 11:49:04 +01:00 · 19d2b5e49f
parent 574142ab64
commit 19d2b5e49f
3 changed files with 15 additions and 4 deletions
--- a/docs/examples/config/example.env
+++ b/docs/examples/config/example.env
@ -301,9 +301,10 @@

 # PL_SERVER_CLIENT_URL=http://localhost:8080
 # PL_SERVER_REPORT_ERRORS=webmaster@example.com
-# PL_MAX_REQUEST_AGE=3600000
-# PL_VERIFY_EMAIL_ON_SIGNUP=true
-# PL_DEFAULT_AUTH_TYPES=email
+# PL_SERVER_MAX_REQUEST_AGE=3600000
+# PL_SERVER_VERIFY_EMAIL_ON_SIGNUP=true
+# PL_SERVER_DEFAULT_AUTH_TYPES=email
+# PL_SERVER_DISABLE_SIGNUP=false


 # =============================================================================
--- a/packages/core/src/error.ts
+++ b/packages/core/src/error.ts
@ -54,6 +54,8 @@ export enum ErrorCode {

    BILLING_ERROR = "billing_error",

+    SIGNUP_NOT_ALLOWED = "signup_not_allowed",
+
    // MFA Errors
    AUTHENTICATION_REQUIRED = "email_verification_required",
    AUTHENTICATION_FAILED = "email_verification_failed",
--- a/packages/core/src/server.ts
+++ b/packages/core/src/server.ts
@ -79,6 +79,10 @@ export class ServerConfig extends Config {
    @ConfigParam("boolean")
    verifyEmailOnSignup = true;

+    /** Whether or not to disable creating an account via the signup form */
+    @ConfigParam("boolean")
+    disableSignup = false;
+
    @ConfigParam("string[]")
    defaultAuthTypes: AuthType[] = [AuthType.Email];

@ -645,7 +649,7 @@ export class Controller extends API {
        authToken,
        verify,
    }: CreateAccountParams): Promise<Account> {
-        // For compatibility with v3 clients, which still use the depracated `verify` property name
+        // For compatibility with v3 clients, which still use the deprecated `verify` property name
        if (verify && !authToken) {
            authToken = verify;
        }
@ -654,6 +658,10 @@ export class Controller extends API {
            await this._useAuthToken({ email: account.email, token: authToken, purpose: AuthPurpose.Signup });
        }

+        if (this.config.disableSignup) {
+            throw new Err(ErrorCode.SIGNUP_NOT_ALLOWED, "Signup not allowed!");
+        }
+
        const auth = (this.context.auth = await this._getAuth(account.email));
        this.context.provisioning = await this.provisioner.getProvisioning(auth);