diff options
Diffstat (limited to 'packages')
| -rw-r--r-- | packages/shared/config.ts | 20 | ||||
| -rw-r--r-- | packages/trpc/routers/users.ts | 7 |
2 files changed, 12 insertions, 15 deletions
diff --git a/packages/shared/config.ts b/packages/shared/config.ts index 3126fa68..25806ae0 100644 --- a/packages/shared/config.ts +++ b/packages/shared/config.ts @@ -1,21 +1,7 @@ -function buildAuthentikConfig() { - const { AUTHENTIK_ID, AUTHENTIK_SECRET, AUTHENTIK_ISSUER } = process.env; - - if (!AUTHENTIK_ID || !AUTHENTIK_SECRET || !AUTHENTIK_ISSUER) { - return undefined; - } - - return { - clientId: AUTHENTIK_ID, - clientSecret: AUTHENTIK_SECRET, - issuer: AUTHENTIK_ISSUER, - }; -} - const serverConfig = { apiUrl: process.env.API_URL ?? "http://localhost:3000", auth: { - authentik: buildAuthentikConfig(), + disableSignups: (process.env.DISABLE_SIGNUPS ?? "false") == "true", }, openAI: { apiKey: process.env.OPENAI_API_KEY, @@ -40,8 +26,12 @@ const serverConfig = { dataDir: process.env.DATA_DIR ?? "", }; +// Always explicitly pick up stuff from server config to avoid accidentally leaking stuff export const clientConfig = { demoMode: serverConfig.demoMode, + auth: { + disableSignups: serverConfig.auth.disableSignups, + } }; export type ClientConfig = typeof clientConfig; diff --git a/packages/trpc/routers/users.ts b/packages/trpc/routers/users.ts index db06c0ad..1e7a83a6 100644 --- a/packages/trpc/routers/users.ts +++ b/packages/trpc/routers/users.ts @@ -5,6 +5,7 @@ import { z } from "zod"; import { SqliteError } from "@hoarder/db"; import { users } from "@hoarder/db/schema"; +import serverConfig from "@hoarder/shared/config"; import { hashPassword, validatePassword } from "../auth"; import { @@ -27,6 +28,12 @@ export const usersAppRouter = router({ }), ) .mutation(async ({ input, ctx }) => { + if (serverConfig.auth.disableSignups) { + throw new TRPCError({ + code: "FORBIDDEN", + message: "Signups are disabled in server config", + }); + } // TODO: This is racy, but that's probably fine. const [{ count: userCount }] = await ctx.db .select({ count: count() }) |