mirror of
https://github.com/plan-player-analytics/Plan.git
synced 2024-12-15 05:41:51 +08:00
Add setting 'Webserver.Security.Disable_registration'
- This disables /auth/register endpoint and /plan register command. - Website will display "Registering new users has been disabled in the config." on register page Affects issues: - Close #2332
This commit is contained in:
parent
f6af24a42a
commit
f7a40fbd68
@ -20,6 +20,8 @@ import com.djrapitops.plan.commands.subcommands.*;
|
|||||||
import com.djrapitops.plan.commands.use.*;
|
import com.djrapitops.plan.commands.use.*;
|
||||||
import com.djrapitops.plan.gathering.importing.ImportSystem;
|
import com.djrapitops.plan.gathering.importing.ImportSystem;
|
||||||
import com.djrapitops.plan.settings.Permissions;
|
import com.djrapitops.plan.settings.Permissions;
|
||||||
|
import com.djrapitops.plan.settings.config.PlanConfig;
|
||||||
|
import com.djrapitops.plan.settings.config.paths.WebserverSettings;
|
||||||
import com.djrapitops.plan.settings.locale.Locale;
|
import com.djrapitops.plan.settings.locale.Locale;
|
||||||
import com.djrapitops.plan.settings.locale.lang.DeepHelpLang;
|
import com.djrapitops.plan.settings.locale.lang.DeepHelpLang;
|
||||||
import com.djrapitops.plan.settings.locale.lang.HelpLang;
|
import com.djrapitops.plan.settings.locale.lang.HelpLang;
|
||||||
@ -51,6 +53,7 @@ public class PlanCommand {
|
|||||||
private final DataUtilityCommands dataUtilityCommands;
|
private final DataUtilityCommands dataUtilityCommands;
|
||||||
|
|
||||||
private final Locale locale;
|
private final Locale locale;
|
||||||
|
private final PlanConfig config;
|
||||||
private final ImportSystem importSystem;
|
private final ImportSystem importSystem;
|
||||||
private final ErrorLogger errorLogger;
|
private final ErrorLogger errorLogger;
|
||||||
|
|
||||||
@ -69,6 +72,7 @@ public class PlanCommand {
|
|||||||
PluginStatusCommands statusCommands,
|
PluginStatusCommands statusCommands,
|
||||||
DatabaseCommands databaseCommands,
|
DatabaseCommands databaseCommands,
|
||||||
DataUtilityCommands dataUtilityCommands,
|
DataUtilityCommands dataUtilityCommands,
|
||||||
|
PlanConfig config,
|
||||||
ErrorLogger errorLogger
|
ErrorLogger errorLogger
|
||||||
) {
|
) {
|
||||||
this.commandName = commandName;
|
this.commandName = commandName;
|
||||||
@ -82,6 +86,7 @@ public class PlanCommand {
|
|||||||
this.statusCommands = statusCommands;
|
this.statusCommands = statusCommands;
|
||||||
this.databaseCommands = databaseCommands;
|
this.databaseCommands = databaseCommands;
|
||||||
this.dataUtilityCommands = dataUtilityCommands;
|
this.dataUtilityCommands = dataUtilityCommands;
|
||||||
|
this.config = config;
|
||||||
this.errorLogger = errorLogger;
|
this.errorLogger = errorLogger;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -220,6 +225,9 @@ public class PlanCommand {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private Subcommand registerCommand() {
|
private Subcommand registerCommand() {
|
||||||
|
if (config.isTrue(WebserverSettings.DISABLED_AUTHENTICATION) || config.isTrue(WebserverSettings.DISABLED_REGISTRATION)) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
return Subcommand.builder()
|
return Subcommand.builder()
|
||||||
.aliases("register")
|
.aliases("register")
|
||||||
.requirePermission(Permissions.REGISTER_SELF)
|
.requirePermission(Permissions.REGISTER_SELF)
|
||||||
@ -244,6 +252,9 @@ public class PlanCommand {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private Subcommand logoutCommand() {
|
private Subcommand logoutCommand() {
|
||||||
|
if (config.isTrue(WebserverSettings.DISABLED_AUTHENTICATION)) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
return Subcommand.builder()
|
return Subcommand.builder()
|
||||||
.aliases("logout")
|
.aliases("logout")
|
||||||
.requirePermission(Permissions.LOGOUT_OTHER)
|
.requirePermission(Permissions.LOGOUT_OTHER)
|
||||||
|
@ -26,6 +26,7 @@ import com.djrapitops.plan.delivery.web.resolver.exception.NotFoundException;
|
|||||||
import com.djrapitops.plan.delivery.web.resolver.request.Request;
|
import com.djrapitops.plan.delivery.web.resolver.request.Request;
|
||||||
import com.djrapitops.plan.delivery.web.resolver.request.WebUser;
|
import com.djrapitops.plan.delivery.web.resolver.request.WebUser;
|
||||||
import com.djrapitops.plan.delivery.webserver.auth.FailReason;
|
import com.djrapitops.plan.delivery.webserver.auth.FailReason;
|
||||||
|
import com.djrapitops.plan.delivery.webserver.configuration.WebserverConfiguration;
|
||||||
import com.djrapitops.plan.delivery.webserver.http.WebServer;
|
import com.djrapitops.plan.delivery.webserver.http.WebServer;
|
||||||
import com.djrapitops.plan.delivery.webserver.resolver.*;
|
import com.djrapitops.plan.delivery.webserver.resolver.*;
|
||||||
import com.djrapitops.plan.delivery.webserver.resolver.auth.*;
|
import com.djrapitops.plan.delivery.webserver.resolver.auth.*;
|
||||||
@ -86,6 +87,7 @@ public class ResponseResolver {
|
|||||||
private final ResolverService resolverService;
|
private final ResolverService resolverService;
|
||||||
private final ResponseFactory responseFactory;
|
private final ResponseFactory responseFactory;
|
||||||
private final Lazy<WebServer> webServer;
|
private final Lazy<WebServer> webServer;
|
||||||
|
private final WebserverConfiguration webserverConfiguration;
|
||||||
private final PublicHtmlResolver publicHtmlResolver;
|
private final PublicHtmlResolver publicHtmlResolver;
|
||||||
|
|
||||||
@Inject
|
@Inject
|
||||||
@ -93,6 +95,7 @@ public class ResponseResolver {
|
|||||||
ResolverSvc resolverService,
|
ResolverSvc resolverService,
|
||||||
ResponseFactory responseFactory,
|
ResponseFactory responseFactory,
|
||||||
Lazy<WebServer> webServer,
|
Lazy<WebServer> webServer,
|
||||||
|
WebserverConfiguration webserverConfiguration,
|
||||||
|
|
||||||
QueryPageResolver queryPageResolver,
|
QueryPageResolver queryPageResolver,
|
||||||
PlayersPageResolver playersPageResolver,
|
PlayersPageResolver playersPageResolver,
|
||||||
@ -118,6 +121,7 @@ public class ResponseResolver {
|
|||||||
this.resolverService = resolverService;
|
this.resolverService = resolverService;
|
||||||
this.responseFactory = responseFactory;
|
this.responseFactory = responseFactory;
|
||||||
this.webServer = webServer;
|
this.webServer = webServer;
|
||||||
|
this.webserverConfiguration = webserverConfiguration;
|
||||||
this.queryPageResolver = queryPageResolver;
|
this.queryPageResolver = queryPageResolver;
|
||||||
this.playersPageResolver = playersPageResolver;
|
this.playersPageResolver = playersPageResolver;
|
||||||
this.playerPageResolver = playerPageResolver;
|
this.playerPageResolver = playerPageResolver;
|
||||||
@ -150,12 +154,15 @@ public class ResponseResolver {
|
|||||||
resolverService.registerResolver(plugin, "/player", playerPageResolver);
|
resolverService.registerResolver(plugin, "/player", playerPageResolver);
|
||||||
resolverService.registerResolver(plugin, "/network", serverPageResolver);
|
resolverService.registerResolver(plugin, "/network", serverPageResolver);
|
||||||
resolverService.registerResolver(plugin, "/server", serverPageResolver);
|
resolverService.registerResolver(plugin, "/server", serverPageResolver);
|
||||||
|
if (webserverConfiguration.isAuthenticationEnabled()) {
|
||||||
resolverService.registerResolver(plugin, "/login", loginPageResolver);
|
resolverService.registerResolver(plugin, "/login", loginPageResolver);
|
||||||
resolverService.registerResolver(plugin, "/register", registerPageResolver);
|
resolverService.registerResolver(plugin, "/register", registerPageResolver);
|
||||||
resolverService.registerResolver(plugin, "/auth/login", loginResolver);
|
resolverService.registerResolver(plugin, "/auth/login", loginResolver);
|
||||||
resolverService.registerResolver(plugin, "/auth/logout", logoutResolver);
|
resolverService.registerResolver(plugin, "/auth/logout", logoutResolver);
|
||||||
|
if (webserverConfiguration.isRegistrationEnabled()) {
|
||||||
resolverService.registerResolver(plugin, "/auth/register", registerResolver);
|
resolverService.registerResolver(plugin, "/auth/register", registerResolver);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
resolverService.registerResolver(plugin, "/errors", errorsPageResolver);
|
resolverService.registerResolver(plugin, "/errors", errorsPageResolver);
|
||||||
|
|
||||||
|
@ -124,4 +124,8 @@ public class WebserverConfiguration {
|
|||||||
public boolean isProxyModeHttps() {
|
public boolean isProxyModeHttps() {
|
||||||
return "proxy".equals(config.get(WebserverSettings.CERTIFICATE_PATH));
|
return "proxy".equals(config.get(WebserverSettings.CERTIFICATE_PATH));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public boolean isRegistrationEnabled() {
|
||||||
|
return config.isFalse(WebserverSettings.DISABLED_REGISTRATION);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -90,6 +90,7 @@ public class MetadataJSONResolver implements NoAuthResolver {
|
|||||||
.put("networkName", serverInfo.getServer().isProxy() ? config.get(ProxySettings.NETWORK_NAME) : null)
|
.put("networkName", serverInfo.getServer().isProxy() ? config.get(ProxySettings.NETWORK_NAME) : null)
|
||||||
.put("mainCommand", mainCommand)
|
.put("mainCommand", mainCommand)
|
||||||
.put("refreshBarrierMs", config.get(WebserverSettings.REDUCED_REFRESH_BARRIER))
|
.put("refreshBarrierMs", config.get(WebserverSettings.REDUCED_REFRESH_BARRIER))
|
||||||
|
.put("registrationDisabled", config.isTrue(WebserverSettings.DISABLED_REGISTRATION))
|
||||||
.build())
|
.build())
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
@ -42,6 +42,7 @@ public class WebserverSettings {
|
|||||||
public static final Setting<List<String>> WHITELIST = new StringListSetting("Webserver.Security.IP_whitelist.Whitelist");
|
public static final Setting<List<String>> WHITELIST = new StringListSetting("Webserver.Security.IP_whitelist.Whitelist");
|
||||||
public static final Setting<Boolean> DISABLED = new BooleanSetting("Webserver.Disable_Webserver");
|
public static final Setting<Boolean> DISABLED = new BooleanSetting("Webserver.Disable_Webserver");
|
||||||
public static final Setting<Boolean> DISABLED_AUTHENTICATION = new BooleanSetting("Webserver.Security.Disable_authentication");
|
public static final Setting<Boolean> DISABLED_AUTHENTICATION = new BooleanSetting("Webserver.Security.Disable_authentication");
|
||||||
|
public static final Setting<Boolean> DISABLED_REGISTRATION = new BooleanSetting("Webserver.Security.Disable_registration");
|
||||||
public static final Setting<Boolean> LOG_ACCESS_TO_CONSOLE = new BooleanSetting("Webserver.Security.Access_log.Print_to_console");
|
public static final Setting<Boolean> LOG_ACCESS_TO_CONSOLE = new BooleanSetting("Webserver.Security.Access_log.Print_to_console");
|
||||||
public static final Setting<String> EXTERNAL_LINK = new StringSetting("Webserver.External_Webserver_address");
|
public static final Setting<String> EXTERNAL_LINK = new StringSetting("Webserver.External_Webserver_address");
|
||||||
public static final Setting<String> PUBLIC_HTML_PATH = new StringSetting("Webserver.Public_html_directory");
|
public static final Setting<String> PUBLIC_HTML_PATH = new StringSetting("Webserver.Public_html_directory");
|
||||||
|
@ -275,6 +275,7 @@ public enum HtmlLang implements Lang {
|
|||||||
LOGIN_FORGOT_PASSWORD_INSTRUCTIONS_4("html.login.forgotPassword4", "After using the command, "),
|
LOGIN_FORGOT_PASSWORD_INSTRUCTIONS_4("html.login.forgotPassword4", "After using the command, "),
|
||||||
LOGIN_FAILED("html.login.failed", "Login failed: "),
|
LOGIN_FAILED("html.login.failed", "Login failed: "),
|
||||||
REGISTER("html.register.register", "Register"),
|
REGISTER("html.register.register", "Register"),
|
||||||
|
REGISTER_DISABLED("html.register.disabled", "Registering new users has been disabled in the config."),
|
||||||
REGISTER_CREATE_USER("html.register.createNewUser", "Create a new user"),
|
REGISTER_CREATE_USER("html.register.createNewUser", "Create a new user"),
|
||||||
REGISTER_USERNAME_TIP("html.register.usernameTip", "Username can be up to 50 characters."),
|
REGISTER_USERNAME_TIP("html.register.usernameTip", "Username can be up to 50 characters."),
|
||||||
REGISTER_PASSWORD_TIP("html.register.passwordTip", "Password should be more than 8 characters, but there are no limitations."),
|
REGISTER_PASSWORD_TIP("html.register.passwordTip", "Password should be more than 8 characters, but there are no limitations."),
|
||||||
|
@ -62,6 +62,8 @@ Webserver:
|
|||||||
Alias: alias
|
Alias: alias
|
||||||
# HTTPS is required for Login.
|
# HTTPS is required for Login.
|
||||||
Disable_authentication: false
|
Disable_authentication: false
|
||||||
|
# Disable /auth/register endpoint
|
||||||
|
Disable_registration: false
|
||||||
# Cross-Origin Resource Sharing (Requests from non-Plan web pages)
|
# Cross-Origin Resource Sharing (Requests from non-Plan web pages)
|
||||||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
||||||
CORS:
|
CORS:
|
||||||
|
@ -63,6 +63,8 @@ Webserver:
|
|||||||
Alias: alias
|
Alias: alias
|
||||||
# HTTPS is required for Login.
|
# HTTPS is required for Login.
|
||||||
Disable_authentication: false
|
Disable_authentication: false
|
||||||
|
# Disable /auth/register endpoint
|
||||||
|
Disable_registration: false
|
||||||
# Cross-Origin Resource Sharing (Requests from non-Plan web pages)
|
# Cross-Origin Resource Sharing (Requests from non-Plan web pages)
|
||||||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
||||||
CORS:
|
CORS:
|
||||||
|
@ -11,6 +11,7 @@ import ColorSelectorModal from "../../components/modal/ColorSelectorModal";
|
|||||||
import {useAuth} from "../../hooks/authenticationHook";
|
import {useAuth} from "../../hooks/authenticationHook";
|
||||||
import FinalizeRegistrationModal from "../../components/modal/FinalizeRegistrationModal";
|
import FinalizeRegistrationModal from "../../components/modal/FinalizeRegistrationModal";
|
||||||
import {fetchRegisterCheck, postRegister} from "../../service/authenticationService";
|
import {fetchRegisterCheck, postRegister} from "../../service/authenticationService";
|
||||||
|
import {useMetadata} from "../../hooks/metadataHook";
|
||||||
|
|
||||||
const Logo = () => {
|
const Logo = () => {
|
||||||
return (
|
return (
|
||||||
@ -43,6 +44,7 @@ const RegisterCard = ({children}) => {
|
|||||||
const RegisterForm = ({register}) => {
|
const RegisterForm = ({register}) => {
|
||||||
const {t} = useTranslation();
|
const {t} = useTranslation();
|
||||||
|
|
||||||
|
const {registrationDisabled} = useMetadata();
|
||||||
const [username, setUsername] = useState('');
|
const [username, setUsername] = useState('');
|
||||||
const [password, setPassword] = useState('');
|
const [password, setPassword] = useState('');
|
||||||
|
|
||||||
@ -51,6 +53,12 @@ const RegisterForm = ({register}) => {
|
|||||||
register(username, password).then(() => setPassword(''));
|
register(username, password).then(() => setPassword(''));
|
||||||
}, [username, password, setPassword, register]);
|
}, [username, password, setPassword, register]);
|
||||||
|
|
||||||
|
if (registrationDisabled) {
|
||||||
|
return (
|
||||||
|
<p>{t('html.register.disabled')}</p>
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<form className="user">
|
<form className="user">
|
||||||
<div className="mb-3">
|
<div className="mb-3">
|
||||||
|
Loading…
Reference in New Issue
Block a user