feature: disable creation of temp_users and user signup through config

HeyPuter · Jan 14, 2025 · 8d5860d · 8d5860d
1 parent 78ac033
commit 8d5860d
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 9 deletions.
diff --git a/src/backend/src/config.js b/src/backend/src/config.js
@@ -25,10 +25,11 @@ let config = {};
 // Static defaults
 config.servers = [];
 
+config.disable_user_signup = false;
+config.default_user_group = '78b1b1dd-c959-44d2-b02c-8735671f9997';
+
 // Will disable the auto-generated temp users. If a user lands on the site, they will be required to sign up or log in.
 config.disable_temp_users = false;
-
-config.default_user_group = '78b1b1dd-c959-44d2-b02c-8735671f9997';
 config.default_temp_group = 'b7220104-7905-4985-b996-649fdcdb3c8f';
 
 config.max_file_size = 100_000_000_000;

diff --git a/src/backend/src/helpers.js b/src/backend/src/helpers.js
@@ -78,6 +78,24 @@ async function is_shared_with(fsentry_id, recipient_user_id){
     return false;
 }
 
+/**
+ * Checks to see if temp_users is disabled and return a boolean
+ * @returns {boolean}
+ */
+async function is_temp_users_disabled() {
+    const svc_feature_flag = await services.get("feature-flag");
+    return await svc_feature_flag.check("temp-users-disabled");
+}
+
+/**
+ * Checks to see if user_signup is disabled and return a boolean
+ * @returns {boolean}
+ */
+async function is_user_signup_disabled() {
+    const svc_feature_flag = await services.get("feature-flag");
+    return await svc_feature_flag.check("user-signup-disabled");
+}
+
 const chkperm = spanify('chkperm', async (target_fsentry, requester_user_id, action) => {
     // basic cases where false is the default response
     if(!target_fsentry)
@@ -1661,6 +1679,8 @@ module.exports = {
     is_valid_uuid4,
     is_valid_uuid,
     is_specifically_uuidv4,
+    is_temp_users_disabled,
+    is_user_signup_disabled,
     is_valid_url,
     jwt_auth,
     mv,

diff --git a/src/backend/src/routers/signup.js b/src/backend/src/routers/signup.js
@@ -23,6 +23,8 @@ const eggspress = require('../api/eggspress');
 const { Context } = require('../util/context');
 const { DB_WRITE } = require('../services/database/consts');
 const { generate_identifier } = require('../util/identifier');
+const { is_temp_users_disabled: lazy_temp_users, 
+        is_user_signup_disabled: lazy_user_signup } = require("../helpers")
 
 async function generate_random_username () {
     let username;
@@ -137,15 +139,26 @@ module.exports = eggspress(['/signup'], {
         }
     }
 
-    // temporary user
-    if(req.body.is_temp && !config.disable_temp_users){
-        req.body.username = await generate_random_username();
-        req.body.email = req.body.username + '@gmail.com';
-        req.body.password = 'sadasdfasdfsadfsa';
-    }else if(config.disable_temp_users){
-        return res.status(400).send('Temp users are disabled.');
+    const is_temp_users_disabled = await lazy_temp_users();
+    const is_user_signup_disabled = await lazy_user_signup();
+
+    if (is_temp_users_disabled && is_user_signup_disabled) {
+        return res.status(403).send('User signup and Temporary users are disabled.');
     }
 
+    if (!req.body.is_temp && is_user_signup_disabled) {
+        return res.status(403).send('User signup is disabled.');
+    } 
+
+    if (req.body.is_temp && is_temp_users_disabled) {
+        return res.status(403).send('Temporary users are disabled.');
+    }
+
+    // Create temp user data
+    req.body.username = req.body.username ?? await generate_random_username();
+    req.body.email = req.body.email ?? req.body.username + '@gmail.com';
+    req.body.password = req.body.password ?? 'sadasdfasdfsadfsa';
+
     // send_confirmation_code
     req.body.send_confirmation_code = req.body.send_confirmation_code ?? true;
 

diff --git a/src/backend/src/services/auth/AuthService.js b/src/backend/src/services/auth/AuthService.js
@@ -48,6 +48,17 @@ class AuthService extends BaseService {
         this.db = await this.services.get('database').get(DB_WRITE, 'auth');
         this.svc_session = await this.services.get('session');
 
+        const svc_feature_flag = await this.services.get("feature-flag");
+        svc_feature_flag.register("temp-users-disabled", {
+            $: "config-flag",
+            value: this.global_config.disable_temp_users ?? false
+        });
+
+        svc_feature_flag.register("user-signup-disabled", {
+            $: "config-flag",
+            value: this.global_config.disable_user_signup ?? false
+        })
+
         // "FPE" stands for "Format Preserving Encryption"
         // The `uuid_fpe_key` is a key for creating encrypted alternatives
         // to UUIDs and decrypting them back to the original UUIDs
@@ -67,6 +78,7 @@ class AuthService extends BaseService {
         };
     }
 
+
 
     /**
     * This method authenticates a user or app using a token.