aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/Wallabag/ApiBundle
diff options
context:
space:
mode:
authorJeremy Benoist <jeremy.benoist@gmail.com>2017-06-02 10:19:33 +0200
committerJeremy Benoist <jeremy.benoist@gmail.com>2017-06-02 11:32:38 +0200
commit426bb453d295900fb3e35dce2f9081a42639cf27 (patch)
tree77fc6aedf17640a9d13a817e25fbd06ab89b471f /src/Wallabag/ApiBundle
parenta687c8d915276eee0c0494156700f7d0c0606735 (diff)
downloadwallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.gz
wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.zst
wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.zip
API user creation behing a toggle
I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled. Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information. I've moved all the internal settings definition to config to avoid duplicated place to define them. I don't know why we didn't did that earlier.
Diffstat (limited to 'src/Wallabag/ApiBundle')
-rw-r--r--src/Wallabag/ApiBundle/Controller/UserRestController.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/Wallabag/ApiBundle/Controller/UserRestController.php b/src/Wallabag/ApiBundle/Controller/UserRestController.php
index a1b78e3f..1fc67d00 100644
--- a/src/Wallabag/ApiBundle/Controller/UserRestController.php
+++ b/src/Wallabag/ApiBundle/Controller/UserRestController.php
@@ -43,7 +43,7 @@ class UserRestController extends WallabagRestController
43 */ 43 */
44 public function putUserAction(Request $request) 44 public function putUserAction(Request $request)
45 { 45 {
46 if (!$this->container->getParameter('fosuser_registration')) { 46 if (!$this->getParameter('fosuser_registration') || !$this->get('craue_config')->get('api_user_registration')) {
47 $json = $this->get('serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json'); 47 $json = $this->get('serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json');
48 48
49 return (new JsonResponse())->setJson($json)->setStatusCode(403); 49 return (new JsonResponse())->setJson($json)->setStatusCode(403);
@@ -51,8 +51,8 @@ class UserRestController extends WallabagRestController
51 51
52 $userManager = $this->get('fos_user.user_manager'); 52 $userManager = $this->get('fos_user.user_manager');
53 $user = $userManager->createUser(); 53 $user = $userManager->createUser();
54 // enable created user by default 54 // user will be disabled BY DEFAULT to avoid spamming account to be created
55 $user->setEnabled(true); 55 $user->setEnabled(false);
56 56
57 $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [ 57 $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [
58 'csrf_protection' => false, 58 'csrf_protection' => false,