[github/Chocobozzz/PeerTube.git] / server / lib / signup.ts

import { IPv4, IPv6, parse, subnetMatch } from 'ipaddr.js'
import { CONFIG } from '../initializers/config'
import { UserModel } from '../models/user/user'

const isCidr = require('is-cidr')

export type SignupMode = 'direct-registration' | 'request-registration'

async function isSignupAllowed (options: {
  signupMode: SignupMode

  ip: string // For plugins
  body?: any
}): Promise<{ allowed: boolean, errorMessage?: string }> {
  const { signupMode } = options

  if (CONFIG.SIGNUP.ENABLED === false) {
    return { allowed: false, errorMessage: 'User registration is not allowed' }
  }

  if (signupMode === 'direct-registration' && CONFIG.SIGNUP.REQUIRES_APPROVAL === true) {
    return { allowed: false, errorMessage: 'User registration requires approval' }
  }

  // No limit and signup is enabled
  if (CONFIG.SIGNUP.LIMIT === -1) {
    return { allowed: true }
  }

  const totalUsers = await UserModel.countTotal()

  return { allowed: totalUsers < CONFIG.SIGNUP.LIMIT, errorMessage: 'User limit is reached on this instance' }
}

function isSignupAllowedForCurrentIP (ip: string) {
  if (!ip) return false

  const addr = parse(ip)
  const excludeList = [ 'blacklist' ]
  let matched = ''

  // if there is a valid, non-empty whitelist, we exclude all unknown addresses too
  if (CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr(cidr)).length > 0) {
    excludeList.push('unknown')
  }

  if (addr.kind() === 'ipv4') {
    const addrV4 = IPv4.parse(ip)
    const rangeList = {
      whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v4(cidr))
                       .map(cidr => IPv4.parseCIDR(cidr)),
      blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v4(cidr))
                       .map(cidr => IPv4.parseCIDR(cidr))
    }
    matched = subnetMatch(addrV4, rangeList, 'unknown')
  } else if (addr.kind() === 'ipv6') {
    const addrV6 = IPv6.parse(ip)
    const rangeList = {
      whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v6(cidr))
                       .map(cidr => IPv6.parseCIDR(cidr)),
      blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v6(cidr))
                       .map(cidr => IPv6.parseCIDR(cidr))
    }
    matched = subnetMatch(addrV6, rangeList, 'unknown')
  }

  return !excludeList.includes(matched)
}

// ---------------------------------------------------------------------------

export {
  isSignupAllowed,
  isSignupAllowedForCurrentIP
}
Commit	Line	Data
41fb13c3	1	import { IPv4, IPv6, parse, subnetMatch } from 'ipaddr.js'
6dd9de95	2	import { CONFIG } from '../initializers/config'
41fb13c3	3	import { UserModel } from '../models/user/user'
6dd9de95	4
06215f15 C	5	const isCidr = require('is-cidr')
06215f15 C	6
e364e31e C	7	export type SignupMode = 'direct-registration' \| 'request-registration'
	8
	9	async function isSignupAllowed (options: {
	10	signupMode: SignupMode
	11
	12	ip: string // For plugins
	13	body?: any
	14	}): Promise<{ allowed: boolean, errorMessage?: string }> {
	15	const { signupMode } = options
	16
06215f15	17	if (CONFIG.SIGNUP.ENABLED === false) {
4e9a9866	18	return { allowed: false, errorMessage: 'User registration is not allowed' }
06215f15 C	19	}
06215f15 C	20
e364e31e	21	if (signupMode === 'direct-registration' && CONFIG.SIGNUP.REQUIRES_APPROVAL === true) {
4e9a9866	22	return { allowed: false, errorMessage: 'User registration requires approval' }
e364e31e C	23	}
e364e31e C	24
06215f15 C	25	// No limit and signup is enabled
06215f15 C	26	if (CONFIG.SIGNUP.LIMIT === -1) {
4ce7eb71	27	return { allowed: true }
06215f15 C	28	}
	29
	30	const totalUsers = await UserModel.countTotal()
	31
4e9a9866	32	return { allowed: totalUsers < CONFIG.SIGNUP.LIMIT, errorMessage: 'User limit is reached on this instance' }
06215f15 C	33	}
	34
	35	function isSignupAllowedForCurrentIP (ip: string) {
22820226 C	36	if (!ip) return false
22820226 C	37
41fb13c3	38	const addr = parse(ip)
a1587156	39	const excludeList = [ 'blacklist' ]
06215f15 C	40	let matched = ''
06215f15 C	41
7a4fd56c	42	// if there is a valid, non-empty whitelist, we exclude all unknown addresses too
06215f15 C	43	if (CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr(cidr)).length > 0) {
	44	excludeList.push('unknown')
	45	}
	46
	47	if (addr.kind() === 'ipv4') {
41fb13c3	48	const addrV4 = IPv4.parse(ip)
06215f15 C	49	const rangeList = {
06215f15 C	50	whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v4(cidr))
41fb13c3	51	.map(cidr => IPv4.parseCIDR(cidr)),
06215f15	52	blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v4(cidr))
41fb13c3	53	.map(cidr => IPv4.parseCIDR(cidr))
06215f15	54	}
41fb13c3	55	matched = subnetMatch(addrV4, rangeList, 'unknown')
06215f15	56	} else if (addr.kind() === 'ipv6') {
41fb13c3	57	const addrV6 = IPv6.parse(ip)
06215f15 C	58	const rangeList = {
06215f15 C	59	whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v6(cidr))
41fb13c3	60	.map(cidr => IPv6.parseCIDR(cidr)),
06215f15	61	blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v6(cidr))
41fb13c3	62	.map(cidr => IPv6.parseCIDR(cidr))
06215f15	63	}
41fb13c3	64	matched = subnetMatch(addrV6, rangeList, 'unknown')
06215f15 C	65	}
	66
	67	return !excludeList.includes(matched)
	68	}
	69
	70	// ---------------------------------------------------------------------------
	71
	72	export {
	73	isSignupAllowed,
	74	isSignupAllowedForCurrentIP
	75	}