24 files changed, 338 insertions, 116 deletions

diff --git a/shared/core-utils/common/version.ts b/shared/core-utils/common/version.ts
index 8a64f8c4d..305287233 100644
--- a/shared/core-utils/common/version.ts
+++ b/shared/core-utils/common/version.ts
@@ -1,18 +1,9 @@
-// Thanks https://stackoverflow.com/a/16187766
+// Thanks https://gist.github.com/iwill/a83038623ba4fef6abb9efca87ae9ccb
 function compareSemVer (a: string, b: string) {
-  const regExStrip0 = /(\.0+)+$/
-  const segmentsA = a.replace(regExStrip0, '').split('.')
-  const segmentsB = b.replace(regExStrip0, '').split('.')
+  if (a.startsWith(b + '-')) return -1
+  if (b.startsWith(a + '-')) return 1
 
-  const l = Math.min(segmentsA.length, segmentsB.length)
-
-  for (let i = 0; i < l; i++) {
-    const diff = parseInt(segmentsA[i], 10) - parseInt(segmentsB[i], 10)
-
-    if (diff) return diff
-  }
-
-  return segmentsA.length - segmentsB.length
+  return a.localeCompare(b, undefined, { numeric: true, sensitivity: 'case', caseFirst: 'upper' })
 }
 
 export {
diff --git a/shared/core-utils/plugins/hooks.ts b/shared/core-utils/plugins/hooks.ts
index 3784969b5..96bcc945e 100644
--- a/shared/core-utils/plugins/hooks.ts
+++ b/shared/core-utils/plugins/hooks.ts
@@ -1,3 +1,4 @@
+import { RegisteredExternalAuthConfig } from '@shared/models'
 import { HookType } from '../../models/plugins/hook-type.enum'
 import { isCatchable, isPromise } from '../common/promises'
 
@@ -49,7 +50,12 @@ async function internalRunHook <T> (options: {
   return result
 }
 
+function getExternalAuthHref (apiUrl: string, auth: RegisteredExternalAuthConfig) {
+  return apiUrl + `/plugins/${auth.name}/${auth.version}/auth/${auth.authName}`
+}
+
 export {
   getHookType,
-  internalRunHook
+  internalRunHook,
+  getExternalAuthHref
 }
diff --git a/shared/core-utils/renderer/html.ts b/shared/core-utils/renderer/html.ts
index 502308979..877f2ec55 100644
--- a/shared/core-utils/renderer/html.ts
+++ b/shared/core-utils/renderer/html.ts
@@ -38,7 +38,11 @@ export function getCustomMarkupSanitizeOptions (additionalAllowedTags: string[]
       ...additionalAllowedTags,
       'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img'
     ],
-    allowedSchemes: base.allowedSchemes,
+    allowedSchemes: [
+      ...base.allowedSchemes,
+
+      'mailto'
+    ],
     allowedAttributes: {
       ...base.allowedAttributes,
 
diff --git a/shared/core-utils/users/user-role.ts b/shared/core-utils/users/user-role.ts
index cc757d779..5f3b9a10f 100644
--- a/shared/core-utils/users/user-role.ts
+++ b/shared/core-utils/users/user-role.ts
@@ -23,7 +23,8 @@ const userRoleRights: { [ id in UserRole ]: UserRight[] } = {
     UserRight.MANAGE_ACCOUNTS_BLOCKLIST,
     UserRight.MANAGE_SERVERS_BLOCKLIST,
     UserRight.MANAGE_USERS,
-    UserRight.SEE_ALL_COMMENTS
+    UserRight.SEE_ALL_COMMENTS,
+    UserRight.MANAGE_REGISTRATIONS
   ],
 
   [UserRole.USER]: []
diff --git a/shared/models/plugins/server/server-hook.model.ts b/shared/models/plugins/server/server-hook.model.ts
index f11d2050b..dd9cc3ad6 100644
--- a/shared/models/plugins/server/server-hook.model.ts
+++ b/shared/models/plugins/server/server-hook.model.ts
@@ -91,6 +91,10 @@ export const serverFilterHookObject = {
   // Filter result used to check if a user can register on the instance
   'filter:api.user.signup.allowed.result': true,
 
+  // Filter result used to check if a user can send a registration request on the instance
+  // PeerTube >= 5.1
+  'filter:api.user.request-signup.allowed.result': true,
+
   // Filter result used to check if video/torrent download is allowed
   'filter:api.download.video.allowed.result': true,
   'filter:api.download.torrent.allowed.result': true,
@@ -156,6 +160,9 @@ export const serverActionHookObject = {
   'action:api.user.unblocked': true,
   // Fired when a user registered on the instance
   'action:api.user.registered': true,
+  // Fired when a user requested registration on the instance
+  // PeerTube >= 5.1
+  'action:api.user.requested-registration': true,
   // Fired when an admin/moderator created a user
   'action:api.user.created': true,
   // Fired when a user is removed by an admin/moderator
diff --git a/shared/models/server/custom-config.model.ts b/shared/models/server/custom-config.model.ts
index 7d9d570b1..846bf6159 100644
--- a/shared/models/server/custom-config.model.ts
+++ b/shared/models/server/custom-config.model.ts
@@ -83,6 +83,7 @@ export interface CustomConfig {
   signup: {
     enabled: boolean
     limit: number
+    requiresApproval: boolean
     requiresEmailVerification: boolean
     minimumAge: number
   }
diff --git a/shared/models/server/server-config.model.ts b/shared/models/server/server-config.model.ts
index 3b6d0597c..d0bd9a00f 100644
--- a/shared/models/server/server-config.model.ts
+++ b/shared/models/server/server-config.model.ts
@@ -131,6 +131,7 @@ export interface ServerConfig {
     allowed: boolean
     allowedForCurrentIP: boolean
     requiresEmailVerification: boolean
+    requiresApproval: boolean
     minimumAge: number
   }
 
diff --git a/shared/models/server/server-error-code.enum.ts b/shared/models/server/server-error-code.enum.ts
index 0e70ea0a7..a39cde1b3 100644
--- a/shared/models/server/server-error-code.enum.ts
+++ b/shared/models/server/server-error-code.enum.ts
@@ -39,7 +39,13 @@ export const enum ServerErrorCode {
    */
   INCORRECT_FILES_IN_TORRENT = 'incorrect_files_in_torrent',
 
-  COMMENT_NOT_ASSOCIATED_TO_VIDEO = 'comment_not_associated_to_video'
+  COMMENT_NOT_ASSOCIATED_TO_VIDEO = 'comment_not_associated_to_video',
+
+  MISSING_TWO_FACTOR = 'missing_two_factor',
+  INVALID_TWO_FACTOR = 'invalid_two_factor',
+
+  ACCOUNT_WAITING_FOR_APPROVAL = 'account_waiting_for_approval',
+  ACCOUNT_APPROVAL_REJECTED = 'account_approval_rejected'
 }
 
 /**
@@ -70,5 +76,5 @@ export const enum OAuth2ErrorCode {
    *
    * @see https://github.com/oauthjs/node-oauth2-server/blob/master/lib/errors/invalid-token-error.js
    */
-  INVALID_TOKEN = 'invalid_token',
+  INVALID_TOKEN = 'invalid_token'
 }
diff --git a/shared/models/users/index.ts b/shared/models/users/index.ts
index 32f7a441c..4a050c870 100644
--- a/shared/models/users/index.ts
+++ b/shared/models/users/index.ts
@@ -1,3 +1,4 @@
+export * from './registration'
 export * from './two-factor-enable-result.model'
 export * from './user-create-result.model'
 export * from './user-create.model'
@@ -6,7 +7,6 @@ export * from './user-login.model'
 export * from './user-notification-setting.model'
 export * from './user-notification.model'
 export * from './user-refresh-token.model'
-export * from './user-register.model'
 export * from './user-right.enum'
 export * from './user-role'
 export * from './user-scoped-token'
diff --git a/shared/models/users/registration/index.ts b/shared/models/users/registration/index.ts
new file mode 100644
index 000000000..593740c4f
--- /dev/null
+++ b/shared/models/users/registration/index.ts
@@ -0,0 +1,5 @@
+export * from './user-register.model'
+export * from './user-registration-request.model'
+export * from './user-registration-state.model'
+export * from './user-registration-update-state.model'
+export * from './user-registration.model'
diff --git a/shared/models/users/user-register.model.ts b/shared/models/users/registration/user-register.model.ts
index cf9a43a67..cf9a43a67 100644
--- a/shared/models/users/user-register.model.ts
+++ b/shared/models/users/registration/user-register.model.ts
diff --git a/shared/models/users/registration/user-registration-request.model.ts b/shared/models/users/registration/user-registration-request.model.ts
new file mode 100644
index 000000000..6c38817e0
--- /dev/null
+++ b/shared/models/users/registration/user-registration-request.model.ts
@@ -0,0 +1,5 @@
+import { UserRegister } from './user-register.model'
+
+export interface UserRegistrationRequest extends UserRegister {
+  registrationReason: string
+}
diff --git a/shared/models/users/registration/user-registration-state.model.ts b/shared/models/users/registration/user-registration-state.model.ts
new file mode 100644
index 000000000..e4c835f78
--- /dev/null
+++ b/shared/models/users/registration/user-registration-state.model.ts
@@ -0,0 +1,5 @@
+export const enum UserRegistrationState {
+  PENDING = 1,
+  REJECTED = 2,
+  ACCEPTED = 3
+}
diff --git a/shared/models/users/registration/user-registration-update-state.model.ts b/shared/models/users/registration/user-registration-update-state.model.ts
new file mode 100644
index 000000000..a1740dcca
--- /dev/null
+++ b/shared/models/users/registration/user-registration-update-state.model.ts
@@ -0,0 +1,4 @@
+export interface UserRegistrationUpdateState {
+  moderationResponse: string
+  preventEmailDelivery?: boolean
+}
diff --git a/shared/models/users/registration/user-registration.model.ts b/shared/models/users/registration/user-registration.model.ts
new file mode 100644
index 000000000..0d74dc28b
--- /dev/null
+++ b/shared/models/users/registration/user-registration.model.ts
@@ -0,0 +1,29 @@
+import { UserRegistrationState } from './user-registration-state.model'
+
+export interface UserRegistration {
+  id: number
+
+  state: {
+    id: UserRegistrationState
+    label: string
+  }
+
+  registrationReason: string
+  moderationResponse: string
+
+  username: string
+  email: string
+  emailVerified: boolean
+
+  accountDisplayName: string
+
+  channelHandle: string
+  channelDisplayName: string
+
+  createdAt: Date
+  updatedAt: Date
+
+  user?: {
+    id: number
+  }
+}
diff --git a/shared/models/users/user-notification.model.ts b/shared/models/users/user-notification.model.ts
index 0fd7a7181..294c921bd 100644
--- a/shared/models/users/user-notification.model.ts
+++ b/shared/models/users/user-notification.model.ts
@@ -32,7 +32,9 @@ export const enum UserNotificationType {
   NEW_PLUGIN_VERSION = 17,
   NEW_PEERTUBE_VERSION = 18,
 
-  MY_VIDEO_STUDIO_EDITION_FINISHED = 19
+  MY_VIDEO_STUDIO_EDITION_FINISHED = 19,
+
+  NEW_USER_REGISTRATION_REQUEST = 20
 }
 
 export interface VideoInfo {
@@ -126,6 +128,11 @@ export interface UserNotification {
     latestVersion: string
   }
 
+  registration?: {
+    id: number
+    username: string
+  }
+
   createdAt: string
   updatedAt: string
 }
diff --git a/shared/models/users/user-right.enum.ts b/shared/models/users/user-right.enum.ts
index 9c6828aa5..42e5c8cd6 100644
--- a/shared/models/users/user-right.enum.ts
+++ b/shared/models/users/user-right.enum.ts
@@ -43,5 +43,7 @@ export const enum UserRight {
   MANAGE_VIDEO_FILES = 25,
   RUN_VIDEO_TRANSCODING = 26,
 
-  MANAGE_VIDEO_IMPORTS = 27
+  MANAGE_VIDEO_IMPORTS = 27,
+
+  MANAGE_REGISTRATIONS = 28
 }
diff --git a/shared/server-commands/miscs/sql-command.ts b/shared/server-commands/miscs/sql-command.ts
index 823fc9e38..35cc2253f 100644
--- a/shared/server-commands/miscs/sql-command.ts
+++ b/shared/server-commands/miscs/sql-command.ts
@@ -13,101 +13,87 @@ export class SQLCommand extends AbstractCommand {
     return seq.query(`DELETE FROM "${table}"`, options)
   }
 
-  async getCount (table: string) {
-    const seq = this.getSequelize()
-
-    const options = { type: QueryTypes.SELECT as QueryTypes.SELECT }
-
-    const [ { total } ] = await seq.query<{ total: string }>(`SELECT COUNT(*) as total FROM "${table}"`, options)
+  async getVideoShareCount () {
+    const [ { total } ] = await this.selectQuery<{ total: string }>(`SELECT COUNT(*) as total FROM "videoShare"`)
     if (total === null) return 0
 
     return parseInt(total, 10)
   }
 
   async getInternalFileUrl (fileId: number) {
-    return this.selectQuery(`SELECT "fileUrl" FROM "videoFile" WHERE id = ${fileId}`)
-      .then(rows => rows[0].fileUrl as string)
+    return this.selectQuery<{ fileUrl: string }>(`SELECT "fileUrl" FROM "videoFile" WHERE id = :fileId`, { fileId })
+      .then(rows => rows[0].fileUrl)
   }
 
   setActorField (to: string, field: string, value: string) {
-    const seq = this.getSequelize()
-
-    const options = { type: QueryTypes.UPDATE }
-
-    return seq.query(`UPDATE actor SET "${field}" = '${value}' WHERE url = '${to}'`, options)
+    return this.updateQuery(`UPDATE actor SET ${this.escapeColumnName(field)} = :value WHERE url = :to`, { value, to })
   }
 
   setVideoField (uuid: string, field: string, value: string) {
-    const seq = this.getSequelize()
-
-    const options = { type: QueryTypes.UPDATE }
-
-    return seq.query(`UPDATE video SET "${field}" = '${value}' WHERE uuid = '${uuid}'`, options)
+    return this.updateQuery(`UPDATE video SET ${this.escapeColumnName(field)} = :value WHERE uuid = :uuid`, { value, uuid })
   }
 
   setPlaylistField (uuid: string, field: string, value: string) {
-    const seq = this.getSequelize()
-
-    const options = { type: QueryTypes.UPDATE }
-
-    return seq.query(`UPDATE "videoPlaylist" SET "${field}" = '${value}' WHERE uuid = '${uuid}'`, options)
+    return this.updateQuery(`UPDATE "videoPlaylist" SET ${this.escapeColumnName(field)} = :value WHERE uuid = :uuid`, { value, uuid })
   }
 
   async countVideoViewsOf (uuid: string) {
-    const seq = this.getSequelize()
-
     const query = 'SELECT SUM("videoView"."views") AS "total" FROM "videoView" ' +
-      `INNER JOIN "video" ON "video"."id" = "videoView"."videoId" WHERE "video"."uuid" = '${uuid}'`
-
-    const options = { type: QueryTypes.SELECT as QueryTypes.SELECT }
-    const [ { total } ] = await seq.query<{ total: number }>(query, options)
+      `INNER JOIN "video" ON "video"."id" = "videoView"."videoId" WHERE "video"."uuid" = :uuid`
 
+    const [ { total } ] = await this.selectQuery<{ total: number }>(query, { uuid })
     if (!total) return 0
 
     return forceNumber(total)
   }
 
   getActorImage (filename: string) {
-    return this.selectQuery(`SELECT * FROM "actorImage" WHERE filename = '${filename}'`)
+    return this.selectQuery<{ width: number, height: number }>(`SELECT * FROM "actorImage" WHERE filename = :filename`, { filename })
       .then(rows => rows[0])
   }
 
-  selectQuery (query: string) {
-    const seq = this.getSequelize()
-    const options = { type: QueryTypes.SELECT as QueryTypes.SELECT }
+  // ---------------------------------------------------------------------------
 
-    return seq.query<any>(query, options)
+  setPluginVersion (pluginName: string, newVersion: string) {
+    return this.setPluginField(pluginName, 'version', newVersion)
   }
 
-  updateQuery (query: string) {
-    const seq = this.getSequelize()
-    const options = { type: QueryTypes.UPDATE as QueryTypes.UPDATE }
+  setPluginLatestVersion (pluginName: string, newVersion: string) {
+    return this.setPluginField(pluginName, 'latestVersion', newVersion)
+  }
 
-    return seq.query(query, options)
+  setPluginField (pluginName: string, field: string, value: string) {
+    return this.updateQuery(
+      `UPDATE "plugin" SET ${this.escapeColumnName(field)} = :value WHERE "name" = :pluginName`,
+      { pluginName, value }
+    )
   }
 
   // ---------------------------------------------------------------------------
 
-  setPluginField (pluginName: string, field: string, value: string) {
+  selectQuery <T extends object> (query: string, replacements: { [id: string]: string | number } = {}) {
     const seq = this.getSequelize()
+    const options = {
+      type: QueryTypes.SELECT as QueryTypes.SELECT,
+      replacements
+    }
 
-    const options = { type: QueryTypes.UPDATE }
-
-    return seq.query(`UPDATE "plugin" SET "${field}" = '${value}' WHERE "name" = '${pluginName}'`, options)
+    return seq.query<T>(query, options)
   }
 
-  setPluginVersion (pluginName: string, newVersion: string) {
-    return this.setPluginField(pluginName, 'version', newVersion)
-  }
+  updateQuery (query: string, replacements: { [id: string]: string | number } = {}) {
+    const seq = this.getSequelize()
+    const options = { type: QueryTypes.UPDATE as QueryTypes.UPDATE, replacements }
 
-  setPluginLatestVersion (pluginName: string, newVersion: string) {
-    return this.setPluginField(pluginName, 'latestVersion', newVersion)
+    return seq.query(query, options)
   }
 
   // ---------------------------------------------------------------------------
 
   async getPlaylistInfohash (playlistId: number) {
-    const result = await this.selectQuery('SELECT "p2pMediaLoaderInfohashes" FROM "videoStreamingPlaylist" WHERE id = ' + playlistId)
+    const query = 'SELECT "p2pMediaLoaderInfohashes" FROM "videoStreamingPlaylist" WHERE id = :playlistId'
+
+    const result = await this.selectQuery<{ p2pMediaLoaderInfohashes: string }>(query, { playlistId })
     if (!result || result.length === 0) return []
 
     return result[0].p2pMediaLoaderInfohashes
@@ -116,19 +102,14 @@ export class SQLCommand extends AbstractCommand {
   // ---------------------------------------------------------------------------
 
   setActorFollowScores (newScore: number) {
-    const seq = this.getSequelize()
-
-    const options = { type: QueryTypes.UPDATE }
-
-    return seq.query(`UPDATE "actorFollow" SET "score" = ${newScore}`, options)
+    return this.updateQuery(`UPDATE "actorFollow" SET "score" = :newScore`, { newScore })
   }
 
   setTokenField (accessToken: string, field: string, value: string) {
-    const seq = this.getSequelize()
-
-    const options = { type: QueryTypes.UPDATE }
-
-    return seq.query(`UPDATE "oAuthToken" SET "${field}" = '${value}' WHERE "accessToken" = '${accessToken}'`, options)
+    return this.updateQuery(
+      `UPDATE "oAuthToken" SET ${this.escapeColumnName(field)} = :value WHERE "accessToken" = :accessToken`,
+      { value, accessToken }
+    )
   }
 
   async cleanup () {
@@ -157,4 +138,9 @@ export class SQLCommand extends AbstractCommand {
     return this.sequelize
   }
 
+  private escapeColumnName (columnName: string) {
+    return this.getSequelize().escape(columnName)
+      .replace(/^'/, '"')
+      .replace(/'$/, '"')
+  }
 }
diff --git a/shared/server-commands/requests/requests.ts b/shared/server-commands/requests/requests.ts
index dc9cf4e01..cb0e1a5fb 100644
--- a/shared/server-commands/requests/requests.ts
+++ b/shared/server-commands/requests/requests.ts
@@ -199,7 +199,7 @@ function buildRequest (req: request.Test, options: CommonRequestParams) {
   return req.expect((res) => {
     if (options.expectedStatus && res.status !== options.expectedStatus) {
       throw new Error(`Expected status ${options.expectedStatus}, got ${res.status}. ` +
-        `\nThe server responded this error: "${res.body?.error ?? res.text}".\n` +
+        `\nThe server responded: "${res.body?.error ?? res.text}".\n` +
         'You may take a closer look at the logs. To see how to do so, check out this page: ' +
         'https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/development/tests.md#debug-server-logs')
     }
diff --git a/shared/server-commands/server/config-command.ts b/shared/server-commands/server/config-command.ts
index 1c2315ed1..eb6bb95a5 100644
--- a/shared/server-commands/server/config-command.ts
+++ b/shared/server-commands/server/config-command.ts
@@ -18,6 +18,33 @@ export class ConfigCommand extends AbstractCommand {
     }
   }
 
+  // ---------------------------------------------------------------------------
+
+  static getEmailOverrideConfig (emailPort: number) {
+    return {
+      smtp: {
+        hostname: '127.0.0.1',
+        port: emailPort
+      }
+    }
+  }
+
+  // ---------------------------------------------------------------------------
+
+  enableSignup (requiresApproval: boolean, limit = -1) {
+    return this.updateExistingSubConfig({
+      newConfig: {
+        signup: {
+          enabled: true,
+          requiresApproval,
+          limit
+        }
+      }
+    })
+  }
+
+  // ---------------------------------------------------------------------------
+
   disableImports () {
     return this.setImportsEnabled(false)
   }
@@ -44,6 +71,16 @@ export class ConfigCommand extends AbstractCommand {
     })
   }
 
+  // ---------------------------------------------------------------------------
+
+  enableChannelSync () {
+    return this.setChannelSyncEnabled(true)
+  }
+
+  disableChannelSync () {
+    return this.setChannelSyncEnabled(false)
+  }
+
   private setChannelSyncEnabled (enabled: boolean) {
     return this.updateExistingSubConfig({
       newConfig: {
@@ -56,13 +93,7 @@ export class ConfigCommand extends AbstractCommand {
     })
   }
 
-  enableChannelSync () {
-    return this.setChannelSyncEnabled(true)
-  }
-
-  disableChannelSync () {
-    return this.setChannelSyncEnabled(false)
-  }
+  // ---------------------------------------------------------------------------
 
   enableLive (options: {
     allowReplay?: boolean
@@ -142,6 +173,8 @@ export class ConfigCommand extends AbstractCommand {
     })
   }
 
+  // ---------------------------------------------------------------------------
+
   enableStudio () {
     return this.updateExistingSubConfig({
       newConfig: {
@@ -152,6 +185,8 @@ export class ConfigCommand extends AbstractCommand {
     })
   }
 
+  // ---------------------------------------------------------------------------
+
   getConfig (options: OverrideCommandOptions = {}) {
     const path = '/api/v1/config'
 
@@ -304,6 +339,7 @@ export class ConfigCommand extends AbstractCommand {
       signup: {
         enabled: false,
         limit: 5,
+        requiresApproval: true,
         requiresEmailVerification: false,
         minimumAge: 16
       },
diff --git a/shared/server-commands/server/server.ts b/shared/server-commands/server/server.ts
index ae1395a74..793fae3a8 100644
--- a/shared/server-commands/server/server.ts
+++ b/shared/server-commands/server/server.ts
@@ -18,6 +18,7 @@ import {
   BlocklistCommand,
   LoginCommand,
   NotificationsCommand,
+  RegistrationsCommand,
   SubscriptionsCommand,
   TwoFactorCommand,
   UsersCommand
@@ -147,6 +148,7 @@ export class PeerTubeServer {
   views?: ViewsCommand
   twoFactor?: TwoFactorCommand
   videoToken?: VideoTokenCommand
+  registrations?: RegistrationsCommand
 
   constructor (options: { serverNumber: number } | { url: string }) {
     if ((options as any).url) {
@@ -430,5 +432,6 @@ export class PeerTubeServer {
     this.views = new ViewsCommand(this)
     this.twoFactor = new TwoFactorCommand(this)
     this.videoToken = new VideoTokenCommand(this)
+    this.registrations = new RegistrationsCommand(this)
   }
 }
diff --git a/shared/server-commands/users/index.ts b/shared/server-commands/users/index.ts
index 1afc02dc1..404756539 100644
--- a/shared/server-commands/users/index.ts
+++ b/shared/server-commands/users/index.ts
@@ -4,6 +4,7 @@ export * from './blocklist-command'
 export * from './login'
 export * from './login-command'
 export * from './notifications-command'
+export * from './registrations-command'
 export * from './subscriptions-command'
 export * from './two-factor-command'
 export * from './users-command'
diff --git a/shared/server-commands/users/registrations-command.ts b/shared/server-commands/users/registrations-command.ts
new file mode 100644
index 000000000..f57f54b34
--- /dev/null
+++ b/shared/server-commands/users/registrations-command.ts
@@ -0,0 +1,151 @@
+import { pick } from '@shared/core-utils'
+import { HttpStatusCode, ResultList, UserRegistration, UserRegistrationRequest, UserRegistrationUpdateState } from '@shared/models'
+import { unwrapBody } from '../requests'
+import { AbstractCommand, OverrideCommandOptions } from '../shared'
+
+export class RegistrationsCommand extends AbstractCommand {
+
+  register (options: OverrideCommandOptions & Partial<UserRegistrationRequest> & Pick<UserRegistrationRequest, 'username'>) {
+    const { password = 'password', email = options.username + '@example.com' } = options
+    const path = '/api/v1/users/register'
+
+    return this.postBodyRequest({
+      ...options,
+
+      path,
+      fields: {
+        ...pick(options, [ 'username', 'displayName', 'channel' ]),
+
+        password,
+        email
+      },
+      implicitToken: false,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+
+  requestRegistration (
+    options: OverrideCommandOptions & Partial<UserRegistrationRequest> & Pick<UserRegistrationRequest, 'username' | 'registrationReason'>
+  ) {
+    const { password = 'password', email = options.username + '@example.com' } = options
+    const path = '/api/v1/users/registrations/request'
+
+    return unwrapBody<UserRegistration>(this.postBodyRequest({
+      ...options,
+
+      path,
+      fields: {
+        ...pick(options, [ 'username', 'displayName', 'channel', 'registrationReason' ]),
+
+        password,
+        email
+      },
+      implicitToken: false,
+      defaultExpectedStatus: HttpStatusCode.OK_200
+    }))
+  }
+
+  // ---------------------------------------------------------------------------
+
+  accept (options: OverrideCommandOptions & { id: number } & UserRegistrationUpdateState) {
+    const { id } = options
+    const path = '/api/v1/users/registrations/' + id + '/accept'
+
+    return this.postBodyRequest({
+      ...options,
+
+      path,
+      fields: pick(options, [ 'moderationResponse', 'preventEmailDelivery' ]),
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+
+  reject (options: OverrideCommandOptions & { id: number } & UserRegistrationUpdateState) {
+    const { id } = options
+    const path = '/api/v1/users/registrations/' + id + '/reject'
+
+    return this.postBodyRequest({
+      ...options,
+
+      path,
+      fields: pick(options, [ 'moderationResponse', 'preventEmailDelivery' ]),
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+
+  // ---------------------------------------------------------------------------
+
+  delete (options: OverrideCommandOptions & {
+    id: number
+  }) {
+    const { id } = options
+    const path = '/api/v1/users/registrations/' + id
+
+    return this.deleteRequest({
+      ...options,
+
+      path,
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+
+  // ---------------------------------------------------------------------------
+
+  list (options: OverrideCommandOptions & {
+    start?: number
+    count?: number
+    sort?: string
+    search?: string
+  } = {}) {
+    const path = '/api/v1/users/registrations'
+
+    return this.getRequestBody<ResultList<UserRegistration>>({
+      ...options,
+
+      path,
+      query: pick(options, [ 'start', 'count', 'sort', 'search' ]),
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.OK_200
+    })
+  }
+
+  // ---------------------------------------------------------------------------
+
+  askSendVerifyEmail (options: OverrideCommandOptions & {
+    email: string
+  }) {
+    const { email } = options
+    const path = '/api/v1/users/registrations/ask-send-verify-email'
+
+    return this.postBodyRequest({
+      ...options,
+
+      path,
+      fields: { email },
+      implicitToken: false,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+
+  verifyEmail (options: OverrideCommandOptions & {
+    registrationId: number
+    verificationString: string
+  }) {
+    const { registrationId, verificationString } = options
+    const path = '/api/v1/users/registrations/' + registrationId + '/verify-email'
+
+    return this.postBodyRequest({
+      ...options,
+
+      path,
+      fields: {
+        verificationString
+      },
+      implicitToken: false,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+}
diff --git a/shared/server-commands/users/users-command.ts b/shared/server-commands/users/users-command.ts
index 811b9685b..8a42fafc8 100644
--- a/shared/server-commands/users/users-command.ts
+++ b/shared/server-commands/users/users-command.ts
@@ -214,35 +214,6 @@ export class UsersCommand extends AbstractCommand {
     return this.server.login.getAccessToken({ username, password })
   }
 
-  register (options: OverrideCommandOptions & {
-    username: string
-    password?: string
-    displayName?: string
-    email?: string
-    channel?: {
-      name: string
-      displayName: string
-    }
-  }) {
-    const { username, password = 'password', displayName, channel, email = username + '@example.com' } = options
-    const path = '/api/v1/users/register'
-
-    return this.postBodyRequest({
-      ...options,
-
-      path,
-      fields: {
-        username,
-        password,
-        email,
-        displayName,
-        channel
-      },
-      implicitToken: false,
-      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
-    })
-  }
-
   // ---------------------------------------------------------------------------
 
   getMyInfo (options: OverrideCommandOptions = {}) {