2
1

signup.ts 2.7 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788
  1. import ipaddr from 'ipaddr.js'
  2. import { CONFIG } from '../initializers/config.js'
  3. import { UserModel } from '../models/user/user.js'
  4. export type SignupMode = 'direct-registration' | 'request-registration'
  5. export async function isSignupAllowed (options: {
  6. signupMode: SignupMode
  7. ip: string // For plugins
  8. body?: any
  9. }): Promise<{ allowed: boolean, errorMessage?: string }> {
  10. const { signupMode } = options
  11. if (CONFIG.SIGNUP.ENABLED === false) {
  12. return { allowed: false, errorMessage: 'User registration is not allowed' }
  13. }
  14. if (signupMode === 'direct-registration' && CONFIG.SIGNUP.REQUIRES_APPROVAL === true) {
  15. return { allowed: false, errorMessage: 'User registration requires approval' }
  16. }
  17. // No limit and signup is enabled
  18. if (CONFIG.SIGNUP.LIMIT === -1) {
  19. return { allowed: true }
  20. }
  21. const totalUsers = await UserModel.countTotal()
  22. return { allowed: totalUsers < CONFIG.SIGNUP.LIMIT, errorMessage: 'User limit is reached on this instance' }
  23. }
  24. export function isSignupAllowedForCurrentIP (ip: string) {
  25. if (!ip) return false
  26. const addr = ipaddr.parse(ip)
  27. const excludeList = [ 'blacklist' ]
  28. let matched = ''
  29. // if there is a valid, non-empty whitelist, we exclude all unknown addresses too
  30. if (CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.some(cidr => isIPV4Cidr(cidr) || isIPV6Cidr(cidr))) {
  31. excludeList.push('unknown')
  32. }
  33. if (addr.kind() === 'ipv4') {
  34. const addrV4 = ipaddr.IPv4.parse(ip)
  35. const rangeList = {
  36. whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isIPV4Cidr(cidr))
  37. .map(cidr => ipaddr.IPv4.parseCIDR(cidr)),
  38. blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isIPV4Cidr(cidr))
  39. .map(cidr => ipaddr.IPv4.parseCIDR(cidr))
  40. }
  41. matched = ipaddr.subnetMatch(addrV4, rangeList, 'unknown')
  42. } else if (addr.kind() === 'ipv6') {
  43. const addrV6 = ipaddr.IPv6.parse(ip)
  44. const rangeList = {
  45. whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isIPV6Cidr(cidr))
  46. .map(cidr => ipaddr.IPv6.parseCIDR(cidr)),
  47. blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isIPV6Cidr(cidr))
  48. .map(cidr => ipaddr.IPv6.parseCIDR(cidr))
  49. }
  50. matched = ipaddr.subnetMatch(addrV6, rangeList, 'unknown')
  51. }
  52. return !excludeList.includes(matched)
  53. }
  54. // ---------------------------------------------------------------------------
  55. // Private
  56. // ---------------------------------------------------------------------------
  57. function isIPV4Cidr (cidr: string) {
  58. try {
  59. ipaddr.IPv4.parseCIDR(cidr)
  60. return true
  61. } catch {
  62. return false
  63. }
  64. }
  65. function isIPV6Cidr (cidr: string) {
  66. try {
  67. ipaddr.IPv6.parseCIDR(cidr)
  68. return true
  69. } catch {
  70. return false
  71. }
  72. }