feat: implement public registration checks

backend/.env.template

@@ -17,3 +17,4 @@ PRIVATE_KEY_PASSPHRASE="a7dsf78sadg87ad87sfagsadg78"
 
 SENTRY_DSN_BACKEND=
 COMMIT=
+PUBLIC_REGISTRATION=false

backend/src/config/index.js

@@ -21,7 +21,12 @@ const {
   GRAPHQL_URI = 'http://localhost:4000',
 } = process.env
 
-export const requiredConfigs = { MAPBOX_TOKEN, JWT_SECRET, PRIVATE_KEY_PASSPHRASE }
+export const requiredConfigs = {
+  MAPBOX_TOKEN,
+  JWT_SECRET,
+  PRIVATE_KEY_PASSPHRASE,
+}
+
 export const smtpConfigs = {
   SMTP_HOST,
   SMTP_PORT,
@@ -30,7 +35,12 @@ export const smtpConfigs = {
   SMTP_PASSWORD,
 }
 export const neo4jConfigs = { NEO4J_URI, NEO4J_USERNAME, NEO4J_PASSWORD }
-export const serverConfigs = { GRAPHQL_PORT, CLIENT_URI, GRAPHQL_URI }
+export const serverConfigs = {
+  GRAPHQL_PORT,
+  CLIENT_URI,
+  GRAPHQL_URI,
+  PUBLIC_REGISTRATION: process.env.PUBLIC_REGISTRATION === 'true',
+}
 
 export const developmentConfigs = {
   DEBUG: process.env.NODE_ENV !== 'production' && process.env.DEBUG,

backend/src/middleware/permissionsMiddleware.js

@@ -111,6 +111,8 @@ const noEmailFilter = rule({
   return !('email' in args)
 })
 
+const publicRegistration = rule()(() => !!CONFIG.PUBLIC_REGISTRATION)
+
 // Permissions
 const permissions = shield(
   {
@@ -137,7 +139,7 @@ const permissions = shield(
       '*': deny,
       login: allow,
       SignupByInvitation: allow,
-      Signup: isAdmin,
+      Signup: or(publicRegistration, isAdmin),
       SignupVerification: allow,
       CreateInvitationCode: and(isAuthenticated, or(not(invitationLimitReached), isAdmin)),
       UpdateUser: onlyYourself,

webapp/.env.template

@@ -1,3 +1,4 @@
 MAPBOX_TOKEN="pk.eyJ1IjoiaHVtYW4tY29ubmVjdGlvbiIsImEiOiJjajl0cnBubGoweTVlM3VwZ2lzNTNud3ZtIn0.KZ8KK9l70omjXbEkkbHGsQ"
 SENTRY_DSN_WEBAPP=
 COMMIT=
+PUBLIC_REGISTRATION=false

webapp/locales/de.json

@@ -26,6 +26,7 @@
     },
     "registration": {
       "signup": {
+        "unavailable": "Leider ist die öffentliche Registrierung von Benutzerkonten auf diesem Server derzeit nicht möglich.",
         "title": "Mach mit bei Human Connection!",
         "form": {
           "description": "Um loszulegen, gib deine E-Mail Adresse ein:",

webapp/locales/en.json

@@ -27,6 +27,7 @@
     },
     "registration": {
       "signup": {
+        "unavailable": "Unfortunately, public registration of user accounts is not available right now on this server.",
         "title": "Join Human Connection!",
         "form": {
           "description": "To get started, enter your email address:",

webapp/nuxt.config.js

@@ -1,6 +1,10 @@
 import path from 'path'
+import dotenv from 'dotenv'
+
+dotenv.config() // we want to synchronize @nuxt-dotenv and nuxt-env
+
 const pkg = require('./package')
-export const envWhitelist = ['NODE_ENV', 'MAPBOX_TOKEN']
+export const envWhitelist = ['NODE_ENV', 'MAPBOX_TOKEN', 'PUBLIC_REGISTRATION']
 const dev = process.env.NODE_ENV !== 'production'
 
 const styleguidePath = '../styleguide'

webapp/pages/registration/signup.vue

@@ -1,19 +1,30 @@
 <template>
-  <signup :invitation="false" @submit="handleSubmitted">
+  <signup v-if="publicRegistration" :invitation="false" @submit="handleSubmitted">
     <ds-space centered margin-top="large">
       <nuxt-link to="/login">{{ $t('site.back-to-login') }}</nuxt-link>
     </ds-space>
   </signup>
+  <ds-space v-else centered>
+    <hc-empty icon="events" :message="$t('components.registration.signup.unavailable')" />
+    <nuxt-link to="/login">{{ $t('site.back-to-login') }}</nuxt-link>
+  </ds-space>
 </template>
 
 <script>
 import Signup from '~/components/Registration/Signup'
+import HcEmpty from '~/components/Empty.vue'
 
 export default {
   layout: 'no-header',
   components: {
+    HcEmpty,
     Signup,
   },
+  asyncData({ app }) {
+    return {
+      publicRegistration: app.$env.PUBLIC_REGISTRATION,
+    }
+  },
   methods: {
     handleSubmitted({ email }) {
       this.$router.push({ path: 'enter-nonce', query: { email } })