self-hosted/focalboard
1
0
Fork 0
mirror of https://github.com/mattermost/focalboard.git synced 2025-07-12 23:50:27 +02:00
Code Issues Releases Activity

Require signup token to register

Browse Source
This commit is contained in:
Chen-I Lim
2021-01-13 16:56:01 -08:00
parent 36b5bec65f
commit 7915564d2c
26 changed files with 687 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
server/api/auth.go
View File

@ -26,6 +26,7 @@ type RegisterData struct {
Username string `json:"username"`
Email string `json:"email"`
Password string `json:"password"`
Token string `json:"token"`
}
func (rd *RegisterData) IsValid() error {
@ -77,14 +78,12 @@ func (a *API) handleLogin(w http.ResponseWriter, r *http.Request) {
}
errorResponse(w, http.StatusInternalServerError, map[string]string{"error": "Unknown login type"})
return
}
func (a *API) handleRegister(w http.ResponseWriter, r *http.Request) {
requestBody, err := ioutil.ReadAll(r.Body)
if err != nil {
errorResponse(w, http.StatusInternalServerError, nil)
return
}
@ -95,6 +94,33 @@ func (a *API) handleRegister(w http.ResponseWriter, r *http.Request) {
return
}
// Validate token
if len(registerData.Token) > 0 {
workspace, err := a.app().GetRootWorkspace()
if err != nil {
log.Println("ERROR: Unable to get active user count", err)
errorResponse(w, http.StatusInternalServerError, nil)
return
}
if registerData.Token != workspace.SignupToken {
errorResponse(w, http.StatusUnauthorized, nil)
return
}
} else {
// No signup token, check if no active users
userCount, err := a.app().GetActiveUserCount()
if err != nil {
log.Println("ERROR: Unable to get active user count", err)
errorResponse(w, http.StatusInternalServerError, nil)
return
}
if userCount > 0 {
errorResponse(w, http.StatusUnauthorized, nil)
return
}
}
if err = registerData.IsValid(); err != nil {
errorResponse(w, http.StatusInternalServerError, map[string]string{"error": err.Error()})
return
@ -105,8 +131,8 @@ func (a *API) handleRegister(w http.ResponseWriter, r *http.Request) {
errorResponse(w, http.StatusInternalServerError, map[string]string{"error": err.Error()})
return
}
jsonBytesResponse(w, http.StatusOK, nil)
return
}
func (a *API) sessionRequired(handler func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {