Mirrors/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2026-05-26 20:49:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(!783): Don't allow registrations by default with no token configured

Browse Source
This commit is contained in:
Ginger
2026-01-06 11:51:12 -05:00
parent 112403e470
commit adc7c5ac49
2 changed files with 21 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
conduwuit-example.toml
+2 -2
View File
@@ -452,8 +452,8 @@
# `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`
# to true to allow open registration without any conditions.
#
# If you do not want to set a static token, the `!admin token` commands may also be used
# to manage registration tokens.
# If you do not want to set a static token, the `!admin token` commands
# may also be used to manage registration tokens.
#
# example: "o&^uCtes4HPf0Vu@F20jQeeWE7"
#
src/api/client/account.rs
+19 -3
View File
@@ -179,7 +179,9 @@ pub(crate) async fn register_route(
},
}
return Err!(Request(Forbidden("Registration has been disabled.")));
return Err!(Request(Forbidden(
"This server is not accepting registrations at this time."
)));
}
if is_guest
@@ -206,7 +208,9 @@ pub(crate) async fn register_route(
rejecting registration. Guest's initial device name: \"{}\"",
body.initial_device_display_name.as_deref().unwrap_or("")
);
return Err!(Request(Forbidden("Registration is temporarily disabled.")));
return Err!(Request(Forbidden(
"This server is not accepting registrations at this time."
)));
}
let user_id = match (body.username.as_ref(), is_guest) {
@@ -332,7 +336,19 @@ pub(crate) async fn register_route(
}
if uiaainfo.flows.is_empty() && !skip_auth {
// No registration token necessary, but clients must still go through the flow
// Registration isn't _disabled_, but there's no captcha configured and no
// registration tokens currently set. Bail out by default unless open
// registration was explicitly enabled.
if !services
.config
.yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse
{
return Err!(Request(Forbidden(
"This server is not accepting registrations at this time."
)));
}
// We have open registration enabled (😧), provide a dummy stage
uiaainfo = UiaaInfo {
flows: vec![AuthFlow { stages: vec![AuthType::Dummy] }],
completed: Vec::new(),