feat: account creation on/off toggling

2025-05-05 10:18:07 +03:00 · 2025-05-05 10:18:07 +03:00 · 0ef65937e8
commit 0ef65937e8
parent dba81d65cb
7 changed files with 76 additions and 60 deletions
--- a/.env.template
+++ b/.env.template
@ -10,11 +10,14 @@ JWT_SECRET=""
 CSRF_SECRET="" # Should be 32 bytes long
 ADMIN_USERNAME=""
 ADMIN_PASSWORD=""
 ACCOUNT_CREATION_ENABLED="0"
 LOG_LEVEL="info"
 APP_ENV="production"
 DOMAIN=""
 FRONTEND_URL=""
-# Frontend
+# Frontend (build-stage)
 VITE_ACCOUNT_CREATION_ENABLED="$ACCOUNT_CREATION_ENABLED"
 VITE_VIEW_COOKIE_PATH="/"
 VITE_COOKIE_SAME_SITE="strict"
 VITE_VIEW_COOKIE_DOMAIN="$DOMAIN"
--- a/docker/docker-compose-back.yml
+++ b/docker/docker-compose-back.yml
@ -37,6 +37,7 @@ services:
      CSRF_SECRET: ${CSRF_SECRET:?csrf secret required}
      ADMIN_USERNAME: ${ADMIN_USERNAME:?init admin username required}
      ADMIN_PASSWORD: ${ADMIN_PASSWORD:?init admin password required}
      ACCOUNT_CREATION_ENABLED: ${ACCOUNT_CREATION_ENABLED:-0}
      LOG_LEVEL: debug
      APP_ENV: development
      DOMAIN: localhost
--- a/docker/docker-compose-full.yml
+++ b/docker/docker-compose-full.yml
@ -35,6 +35,7 @@ services:
      CSRF_SECRET: ${CSRF_SECRET:?csrf secret required}
      ADMIN_USERNAME: ${ADMIN_USERNAME:?init admin username required}
      ADMIN_PASSWORD: ${ADMIN_PASSWORD:?init admin password required}
      ACCOUNT_CREATION_ENABLED: ${ACCOUNT_CREATION_ENABLED:-0}
      LOG_LEVEL: ${LOG_LEVEL:-info}
      APP_ENV: ${APP_ENV:-production}
      DOMAIN: ${DOMAIN:-localhost}
@ -53,10 +54,6 @@ services:
      - 3000:80 # Container port defined in nginx.conf (bound to 3000 for dev.)
    depends_on:
      - qnote-server
    environment:
      VITE_VIEW_COOKIE_PATH: ${VITE_VIEW_COOKIE_PATH:-/}
      VITE_VIEW_COOKIE_DOMAIN: ${DOMAIN:-localhost}
      VITE_COOKIE_SAME_SITE: ${VITE_COOKIE_SAME_SITE:-strict}
 networks:
  qnote:
--- a/server/internal/service/auth.go
+++ b/server/internal/service/auth.go
@ -96,7 +96,9 @@ func (rs authResource) Routes() chi.Router {
 	r := chi.NewRouter()
 	// Public routes (the only outside facing endpoints in the whole API with no requirement for auth)
 	if rs.Config.IsRegEnabled {
 		r.Post("/signup", rs.Create) // POST /auth/signup - registration (rate-limited)
 	}
 	r.Post("/login", rs.Login) // POST /auth/login - login (rate-limited)
 	// Protected routes (access token required)
--- a/server/internal/service/service.go
+++ b/server/internal/service/service.go
@ -20,6 +20,7 @@ type SvcConfig struct {
 	JWTSecret    string
 	CSRFSecret   string
 	IsProd       bool
 	IsRegEnabled bool
 	Domain       string
 	FrontendURL  string
 }
--- a/server/main.go
+++ b/server/main.go
@ -31,14 +31,13 @@ type Config struct {
 	DatabaseURL            string `env:"DB_URL,notEmpty"`
 	AdminUsername          string `env:"ADMIN_USERNAME,notEmpty,unset"`
 	AdminPassword          string `env:"ADMIN_PASSWORD,notEmpty,unset"`
 	AccountCreationEnabled bool   `env:"ACCOUNT_CREATION_ENABLED" envDefault:"0"`
 	Domain                 string `env:"DOMAIN" envDefault:"localhost"`
 	FrontendURL            string `env:"FRONTEND_URL" envDefault:"http://localhost:5173"`
 	LogLevel               string `env:"LOG_LEVEL" envDefault:"info"`
 	AppEnv                 string `env:"APP_ENV" envDefault:"production"`
 }
 // TODO: add flag to enable/disable registration of new users
 func init() {
 	config = Config{}
 	if err := env.Parse(&config); err != nil {
@ -50,11 +49,12 @@ func init() {
 		JWTSecret:    config.JWTSecret,
 		CSRFSecret:   config.CSRFSecret,
 		IsProd:       config.AppEnv == "production",
 		IsRegEnabled: config.AccountCreationEnabled,
 		Domain:       config.Domain,
 		FrontendURL:  config.FrontendURL,
 	}
-	log.Debug().Msgf("IsProd=%t, Domain='%s', FrontendURL='%s'", svcConfig.IsProd, svcConfig.Domain, svcConfig.FrontendURL)
+	log.Debug().Msgf("IsProd=%t, IsRegEnabled=%t, Domain='%s', FrontendURL='%s'", svcConfig.IsProd, svcConfig.IsRegEnabled, svcConfig.Domain, svcConfig.FrontendURL)
 	log.Debug().Msg("Initialization completed")
 }
--- a/web/src/lib/components/AuthForm.svelte
+++ b/web/src/lib/components/AuthForm.svelte
@ -8,6 +8,10 @@
 	export let bottomText: string
 	export let bottomLink: string
 	const ACCOUNT_CREATION_ENABLED = (import.meta.env.VITE_ACCOUNT_CREATION_ENABLED || "0") === "1"
 	console.log(`[VIEW] Account creation enabled: ${ACCOUNT_CREATION_ENABLED}`)
 	// local state
 	let username = ""
 	let password = ""
 	let usernameError = ""
@ -73,6 +77,11 @@
 			</div>
 		{/if}
 		{#if !ACCOUNT_CREATION_ENABLED && formName === "Register"}
 			<div>
 				<p>Registration disabled.</p>
 			</div>
 		{:else}
 			<form class="space-y-5" on:submit|preventDefault={handleSubmit}>
 				<div class="form-group">
 					<input
@ -102,15 +111,18 @@
 					{formName}
 				</button>
 			</form>
 		{/if}
 		{#if ACCOUNT_CREATION_ENABLED}
 			<p class="text-center text-sm font-medium">
 				{bottomText}
 				<a href={bottomLink}> here </a>
 			</p>
 		{/if}
 	</div>
 </div>
-<!-- TODO: add footer with a randomly picked quote (font-copernicus) -->
+<!-- TODO: add footer with randomized quotes (see KF impl., font-copernicus) -->
 <div class="absolute right-4 top-4">
 	<ThemeToggle />