diff options
| author | Mohamed Bassem <me@mbassem.com> | 2025-11-30 00:01:07 +0000 |
|---|---|---|
| committer | Mohamed Bassem <me@mbassem.com> | 2025-11-30 00:01:07 +0000 |
| commit | b12c1c3a82941f2767ade8f497db56933415b94d (patch) | |
| tree | b1fa65f111c21bfb996c8b99ebff2d60c11a5876 /packages/shared | |
| parent | 4898b6be87c6edec8c74d69317899ce918c550ad (diff) | |
| download | karakeep-b12c1c3a82941f2767ade8f497db56933415b94d.tar.zst | |
feat: add support for turnstile on signup
Diffstat (limited to 'packages/shared')
| -rw-r--r-- | packages/shared/config.ts | 22 | ||||
| -rw-r--r-- | packages/shared/types/users.ts | 1 |
2 files changed, 23 insertions, 0 deletions
diff --git a/packages/shared/config.ts b/packages/shared/config.ts index 634f083b..60beae1e 100644 --- a/packages/shared/config.ts +++ b/packages/shared/config.ts @@ -54,6 +54,8 @@ const allEnv = z.object({ OAUTH_TIMEOUT: z.coerce.number().optional().default(3500), OAUTH_SCOPE: z.string().default("openid email profile"), OAUTH_PROVIDER_NAME: z.string().default("Custom Provider"), + TURNSTILE_SITE_KEY: z.string().optional(), + TURNSTILE_SECRET_KEY: z.string().optional(), OPENAI_API_KEY: z.string().optional(), OPENAI_BASE_URL: z.string().url().optional(), OLLAMA_BASE_URL: z.string().url().optional(), @@ -237,6 +239,11 @@ const serverConfigSchema = allEnv.transform((val, ctx) => { name: val.OAUTH_PROVIDER_NAME, timeout: val.OAUTH_TIMEOUT, }, + turnstile: { + enabled: val.TURNSTILE_SITE_KEY !== undefined, + siteKey: val.TURNSTILE_SITE_KEY, + secretKey: val.TURNSTILE_SECRET_KEY, + }, }, email: { smtp: val.SMTP_HOST @@ -401,6 +408,15 @@ const serverConfigSchema = allEnv.transform((val, ctx) => { }); return z.NEVER; } + if (obj.auth.turnstile.enabled && !obj.auth.turnstile.secretKey) { + ctx.addIssue({ + code: z.ZodIssueCode.custom, + message: + "TURNSTILE_SECRET_KEY is required when TURNSTILE_SITE_KEY is set", + fatal: true, + }); + return z.NEVER; + } return obj; }); @@ -416,6 +432,12 @@ export const clientConfig = { disableSignups: serverConfig.auth.disableSignups, disablePasswordAuth: serverConfig.auth.disablePasswordAuth, }, + turnstile: + serverConfig.auth.turnstile.enabled && serverConfig.auth.turnstile.siteKey + ? { + siteKey: serverConfig.auth.turnstile.siteKey, + } + : null, inference: { isConfigured: serverConfig.inference.isConfigured, inferredTagLang: serverConfig.inference.inferredTagLang, diff --git a/packages/shared/types/users.ts b/packages/shared/types/users.ts index 2fad4f83..9f020d52 100644 --- a/packages/shared/types/users.ts +++ b/packages/shared/types/users.ts @@ -11,6 +11,7 @@ export const zSignUpSchema = z email: z.string().email(), password: z.string().min(PASSWORD_MIN_LENGTH).max(PASSWORD_MAX_LENGTH), confirmPassword: z.string(), + turnstileToken: z.string().optional(), }) .refine((data) => data.password === data.confirmPassword, { message: "Passwords don't match", |