From d9388ae56d5a2041458af6bb7f901928fb53d4a2 Mon Sep 17 00:00:00 2001 From: Sebastian Hugentobler Date: Wed, 10 Jul 2024 15:26:35 +0200 Subject: [PATCH] disable registrations by default --- README.md | 1 + app/src/api.rs | 11 ++++++++++- app/src/cli.rs | 4 ++++ app/src/main.rs | 1 + 4 files changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 0b2b04a..ebf31f0 100644 --- a/README.md +++ b/README.md @@ -30,6 +30,7 @@ Usage: hesinde-sync [OPTIONS] Options: -a, --address
Address to listen on [env: ADDRESS=] [default: localhost:3030] -d, --db-connection From which file to read the database connection string ("-" for stdin) [env: DB_CONNECTION=] [default: -] + -a, --allow-registering Whether new users can register [env: ALLOW_REGISTERING=] -h, --help Print help -V, --version Print version ``` diff --git a/app/src/api.rs b/app/src/api.rs index bce8c0a..290308c 100644 --- a/app/src/api.rs +++ b/app/src/api.rs @@ -78,6 +78,8 @@ pub struct Api; impl Api { /// Register a new user. /// + /// If registration is disabled return early. + /// /// If a user of that id already exist, return a conflict. #[oai(path = "/users/create", method = "post")] async fn register( @@ -85,7 +87,14 @@ impl Api { req: Json, state: Data<&Arc>, ) -> Result>> { - let db = &state.0.db; + if !state.config.allow_registration { + return Err(Error::from_string( + "Registration is disabled.", + StatusCode::UNAUTHORIZED, + )); + } + + let db = &state.db; if db.get_user(&req.username).await?.is_some() { Err(Error::from_status(StatusCode::CONFLICT)) } else { diff --git a/app/src/cli.rs b/app/src/cli.rs index f32c98e..184d485 100644 --- a/app/src/cli.rs +++ b/app/src/cli.rs @@ -13,4 +13,8 @@ pub struct Config { /// From which file to read the database connection string ("-" for stdin) #[arg(short, long, env, default_value = "-")] pub db_connection: String, + + /// Whether new users can register. + #[arg(short = 'r', long, env, default_value = "false")] + pub allow_registration: bool, } diff --git a/app/src/main.rs b/app/src/main.rs index 51516aa..f4fd279 100644 --- a/app/src/main.rs +++ b/app/src/main.rs @@ -15,6 +15,7 @@ async fn main() -> Result<()> { tracing_subscriber::fmt::init(); let args = Config::parse(); + println!("{}", args.allow_registration); let db_url = read_db_url(&args.db_connection)?; hesinde_sync::run(&args, &db_url).await