2023-07-31 14:34:36 +02:00
|
|
|
import ipaddr from 'ipaddr.js'
|
|
|
|
import { CONFIG } from '../initializers/config.js'
|
|
|
|
import { UserModel } from '../models/user/user.js'
|
2018-08-14 15:28:30 +02:00
|
|
|
|
2023-01-19 09:27:16 +01:00
|
|
|
export type SignupMode = 'direct-registration' | 'request-registration'
|
|
|
|
|
2023-10-11 09:20:23 +02:00
|
|
|
export async function isSignupAllowed (options: {
|
2023-01-19 09:27:16 +01:00
|
|
|
signupMode: SignupMode
|
|
|
|
|
|
|
|
ip: string // For plugins
|
|
|
|
body?: any
|
|
|
|
}): Promise<{ allowed: boolean, errorMessage?: string }> {
|
|
|
|
const { signupMode } = options
|
|
|
|
|
2018-08-14 15:28:30 +02:00
|
|
|
if (CONFIG.SIGNUP.ENABLED === false) {
|
2023-06-05 08:53:31 +02:00
|
|
|
return { allowed: false, errorMessage: 'User registration is not allowed' }
|
2018-08-14 15:28:30 +02:00
|
|
|
}
|
|
|
|
|
2023-01-19 09:27:16 +01:00
|
|
|
if (signupMode === 'direct-registration' && CONFIG.SIGNUP.REQUIRES_APPROVAL === true) {
|
2023-06-05 08:53:31 +02:00
|
|
|
return { allowed: false, errorMessage: 'User registration requires approval' }
|
2023-01-19 09:27:16 +01:00
|
|
|
}
|
|
|
|
|
2018-08-14 15:28:30 +02:00
|
|
|
// No limit and signup is enabled
|
|
|
|
if (CONFIG.SIGNUP.LIMIT === -1) {
|
2019-10-25 13:54:32 +02:00
|
|
|
return { allowed: true }
|
2018-08-14 15:28:30 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
const totalUsers = await UserModel.countTotal()
|
|
|
|
|
2023-06-05 08:53:31 +02:00
|
|
|
return { allowed: totalUsers < CONFIG.SIGNUP.LIMIT, errorMessage: 'User limit is reached on this instance' }
|
2018-08-14 15:28:30 +02:00
|
|
|
}
|
|
|
|
|
2023-10-11 09:20:23 +02:00
|
|
|
export function isSignupAllowedForCurrentIP (ip: string) {
|
2021-04-09 14:51:28 +02:00
|
|
|
if (!ip) return false
|
|
|
|
|
2023-07-31 14:34:36 +02:00
|
|
|
const addr = ipaddr.parse(ip)
|
2020-01-31 16:56:52 +01:00
|
|
|
const excludeList = [ 'blacklist' ]
|
2018-08-14 15:28:30 +02:00
|
|
|
let matched = ''
|
|
|
|
|
Fix various typos
Found via `codespell -q 3 -S ./CREDITS.md,./CHANGELOG.md,./client/src/locale,./yarn.lock,./client/yarn.lock -L doubleclick,followings,nd,ot,ro,serie,splitted,tread,truthy`
2022-06-07 15:45:06 +02:00
|
|
|
// if there is a valid, non-empty whitelist, we exclude all unknown addresses too
|
2023-10-11 09:20:23 +02:00
|
|
|
if (CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isIPV4Cidr(cidr) || isIPV6Cidr(cidr))) {
|
2018-08-14 15:28:30 +02:00
|
|
|
excludeList.push('unknown')
|
|
|
|
}
|
|
|
|
|
|
|
|
if (addr.kind() === 'ipv4') {
|
2023-07-31 14:34:36 +02:00
|
|
|
const addrV4 = ipaddr.IPv4.parse(ip)
|
2018-08-14 15:28:30 +02:00
|
|
|
const rangeList = {
|
2023-10-11 09:20:23 +02:00
|
|
|
whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isIPV4Cidr(cidr))
|
2023-07-31 14:34:36 +02:00
|
|
|
.map(cidr => ipaddr.IPv4.parseCIDR(cidr)),
|
2023-10-11 09:20:23 +02:00
|
|
|
blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isIPV4Cidr(cidr))
|
2023-07-31 14:34:36 +02:00
|
|
|
.map(cidr => ipaddr.IPv4.parseCIDR(cidr))
|
2018-08-14 15:28:30 +02:00
|
|
|
}
|
2023-07-31 14:34:36 +02:00
|
|
|
matched = ipaddr.subnetMatch(addrV4, rangeList, 'unknown')
|
2018-08-14 15:28:30 +02:00
|
|
|
} else if (addr.kind() === 'ipv6') {
|
2023-07-31 14:34:36 +02:00
|
|
|
const addrV6 = ipaddr.IPv6.parse(ip)
|
2018-08-14 15:28:30 +02:00
|
|
|
const rangeList = {
|
2023-10-11 09:20:23 +02:00
|
|
|
whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isIPV6Cidr(cidr))
|
2023-07-31 14:34:36 +02:00
|
|
|
.map(cidr => ipaddr.IPv6.parseCIDR(cidr)),
|
2023-10-11 09:20:23 +02:00
|
|
|
blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isIPV6Cidr(cidr))
|
2023-07-31 14:34:36 +02:00
|
|
|
.map(cidr => ipaddr.IPv6.parseCIDR(cidr))
|
2018-08-14 15:28:30 +02:00
|
|
|
}
|
2023-07-31 14:34:36 +02:00
|
|
|
matched = ipaddr.subnetMatch(addrV6, rangeList, 'unknown')
|
2018-08-14 15:28:30 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return !excludeList.includes(matched)
|
|
|
|
}
|
|
|
|
|
2023-10-11 09:20:23 +02:00
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
// Private
|
2018-08-14 15:28:30 +02:00
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
|
2023-10-11 09:20:23 +02:00
|
|
|
function isIPV4Cidr (cidr: string) {
|
|
|
|
try {
|
|
|
|
ipaddr.IPv4.parseCIDR(cidr)
|
|
|
|
return true
|
|
|
|
} catch {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
function isIPV6Cidr (cidr: string) {
|
|
|
|
try {
|
|
|
|
ipaddr.IPv6.parseCIDR(cidr)
|
|
|
|
return true
|
|
|
|
} catch {
|
|
|
|
return false
|
|
|
|
}
|
2018-08-14 15:28:30 +02:00
|
|
|
}
|