feat: add user approval after registration
basically credentials are disabled until approved by admin
This commit is contained in:
parent
1ee7eb1498
commit
9011dc0ab2
7 changed files with 47 additions and 0 deletions
|
@ -65,6 +65,9 @@ pub struct SecurityConfig {
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub allow_registration: bool,
|
pub allow_registration: bool,
|
||||||
|
|
||||||
|
#[serde(default)] // TODO i don't like the name of this
|
||||||
|
pub require_user_approval: bool,
|
||||||
|
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub allow_public_debugger: bool,
|
pub allow_public_debugger: bool,
|
||||||
|
|
||||||
|
|
|
@ -9,6 +9,7 @@ pub struct Model {
|
||||||
pub actor: String,
|
pub actor: String,
|
||||||
pub login: String,
|
pub login: String,
|
||||||
pub password: String,
|
pub password: String,
|
||||||
|
pub active: bool,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
|
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
|
||||||
|
|
|
@ -75,6 +75,7 @@ impl Administrable for crate::Context {
|
||||||
actor: Set(ap_id),
|
actor: Set(ap_id),
|
||||||
login: Set(username),
|
login: Set(username),
|
||||||
password: Set(sha256::digest(password)),
|
password: Set(sha256::digest(password)),
|
||||||
|
active: Set(!self.cfg().security.require_user_approval),
|
||||||
};
|
};
|
||||||
|
|
||||||
crate::model::credential::Entity::insert(credentials_model)
|
crate::model::credential::Entity::insert(credentials_model)
|
||||||
|
|
|
@ -13,6 +13,7 @@ mod m20240609_000001_add_instance_field_to_relations;
|
||||||
mod m20240623_000001_add_dislikes_table;
|
mod m20240623_000001_add_dislikes_table;
|
||||||
mod m20240626_000001_add_notifications_table;
|
mod m20240626_000001_add_notifications_table;
|
||||||
mod m20240628_000001_add_followers_following_indexes;
|
mod m20240628_000001_add_followers_following_indexes;
|
||||||
|
mod m20240628_000002_add_credentials_activated;
|
||||||
|
|
||||||
pub struct Migrator;
|
pub struct Migrator;
|
||||||
|
|
||||||
|
@ -33,6 +34,7 @@ impl MigratorTrait for Migrator {
|
||||||
Box::new(m20240623_000001_add_dislikes_table::Migration),
|
Box::new(m20240623_000001_add_dislikes_table::Migration),
|
||||||
Box::new(m20240626_000001_add_notifications_table::Migration),
|
Box::new(m20240626_000001_add_notifications_table::Migration),
|
||||||
Box::new(m20240628_000001_add_followers_following_indexes::Migration),
|
Box::new(m20240628_000001_add_followers_following_indexes::Migration),
|
||||||
|
Box::new(m20240628_000002_add_credentials_activated::Migration),
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,6 +21,7 @@ pub enum Credentials {
|
||||||
Actor,
|
Actor,
|
||||||
Login,
|
Login,
|
||||||
Password,
|
Password,
|
||||||
|
Active, // ADDED
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(DeriveIden)]
|
#[derive(DeriveIden)]
|
||||||
|
|
|
@ -0,0 +1,38 @@
|
||||||
|
use sea_orm_migration::prelude::*;
|
||||||
|
|
||||||
|
use crate::m20240524_000003_create_users_auth_and_config::Credentials;
|
||||||
|
|
||||||
|
#[derive(DeriveMigrationName)]
|
||||||
|
pub struct Migration;
|
||||||
|
|
||||||
|
#[async_trait::async_trait]
|
||||||
|
impl MigrationTrait for Migration {
|
||||||
|
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
|
||||||
|
|
||||||
|
manager
|
||||||
|
.alter_table(
|
||||||
|
Table::alter()
|
||||||
|
.table(Credentials::Table)
|
||||||
|
.add_column(ColumnDef::new(Credentials::Active).boolean().not_null().default(false))
|
||||||
|
.to_owned()
|
||||||
|
)
|
||||||
|
.await?;
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
|
||||||
|
|
||||||
|
manager
|
||||||
|
.alter_table(
|
||||||
|
Table::alter()
|
||||||
|
.table(Credentials::Table)
|
||||||
|
.drop_column(Credentials::Active)
|
||||||
|
.to_owned()
|
||||||
|
)
|
||||||
|
.await?;
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -35,6 +35,7 @@ pub async fn login(
|
||||||
.filter(Condition::all()
|
.filter(Condition::all()
|
||||||
.add(upub::model::credential::Column::Login.eq(login.email))
|
.add(upub::model::credential::Column::Login.eq(login.email))
|
||||||
.add(upub::model::credential::Column::Password.eq(sha256::digest(login.password)))
|
.add(upub::model::credential::Column::Password.eq(sha256::digest(login.password)))
|
||||||
|
.add(upub::model::credential::Column::Active.eq(true))
|
||||||
)
|
)
|
||||||
.one(ctx.db())
|
.one(ctx.db())
|
||||||
.await?
|
.await?
|
||||||
|
|
Loading…
Reference in a new issue