Create invitations for closed registrations (#233)

2025-06-11 13:07:13 +02:00 · 2024-04-02 21:27:15 +02:00
parent 3f5f4e01f1
commit ef004675a5
14 changed files with 301 additions and 21 deletions
--- a/internal/db/db.go
+++ b/internal/db/db.go
@ -42,7 +42,7 @@ func Setup(dbPath string, sharedCache bool) error {
 		return err
 	}

-	if err = db.AutoMigrate(&User{}, &Gist{}, &SSHKey{}, &AdminSetting{}); err != nil {
+	if err = db.AutoMigrate(&User{}, &Gist{}, &SSHKey{}, &AdminSetting{}, &Invitation{}); err != nil {
 		return err
 	}

--- a/internal/db/invitation.go
+++ b/internal/db/invitation.go
@ -0,0 +1,87 @@
+package db
+
+import (
+	"math/rand"
+	"time"
+)
+
+type Invitation struct {
+	ID        uint `gorm:"primaryKey"`
+	Code      string
+	ExpiresAt int64
+	NbUsed    uint
+	NbMax     uint
+}
+
+func GetAllInvitations() ([]*Invitation, error) {
+	var invitations []*Invitation
+	err := db.
+		Order("(((expires_at >= strftime('%s', 'now')) AND ((nb_max <= 0) OR (nb_used < nb_max)))) desc").
+		Order("id asc").
+		Find(&invitations).Error
+
+	return invitations, err
+}
+
+func GetInvitationByID(id uint) (*Invitation, error) {
+	invitation := new(Invitation)
+	err := db.
+		Where("id = ?", id).
+		First(&invitation).Error
+	return invitation, err
+}
+
+func GetInvitationByCode(code string) (*Invitation, error) {
+	invitation := new(Invitation)
+	err := db.
+		Where("code = ?", code).
+		First(&invitation).Error
+	return invitation, err
+}
+
+func InvitationCodeExists(code string) (bool, error) {
+	var count int64
+	err := db.Model(&Invitation{}).Where("code = ?", code).Count(&count).Error
+	return count > 0, err
+}
+
+func (i *Invitation) Create() error {
+	i.Code = generateRandomCode()
+	return db.Create(&i).Error
+}
+
+func (i *Invitation) Update() error {
+	return db.Save(&i).Error
+}
+
+func (i *Invitation) Delete() error {
+	return db.Delete(&i).Error
+}
+
+func (i *Invitation) IsExpired() bool {
+	return i.ExpiresAt < time.Now().Unix()
+}
+
+func (i *Invitation) IsMaxedOut() bool {
+	return i.NbMax > 0 && i.NbUsed >= i.NbMax
+}
+
+func (i *Invitation) IsUsable() bool {
+	return !i.IsExpired() && !i.IsMaxedOut()
+}
+
+func (i *Invitation) Use() error {
+	i.NbUsed++
+	return i.Update()
+}
+
+func generateRandomCode() string {
+	const charset = "0123456789ABCDEF"
+	var seededRand = rand.New(rand.NewSource(time.Now().UnixNano()))
+	result := make([]byte, 16)
+
+	for i := range result {
+		result[i] = charset[seededRand.Intn(len(charset))]
+	}
+	return string(result)
+}
--- a/internal/i18n/locales/en-US.yml
+++ b/internal/i18n/locales/en-US.yml
@ -162,6 +162,8 @@ admin.general: General
 admin.users: Users
 admin.gists: Gists
 admin.configuration: Configuration
+admin.invitations: Invitations
+admin.invitations.create: Create invitation
 admin.versions: Versions
 admin.ssh_keys: SSH keys
 admin.stats: Stats
@ -195,3 +197,11 @@ admin.gists.private: Private ?
 admin.gists.nb-files: Nb. files
 admin.gists.nb-likes: Nb. likes
 admin.gists.delete_confirm: Do you want to delete this gist ?
+
+admin.invitations.help: Invitations can be used to create an account even if signing up is disabled.
+admin.invitations.max_uses: Max uses
+admin.invitations.expires_at: Expires at
+admin.invitations.code: Code
+admin.invitations.copy_link: Copy link
+admin.invitations.uses: Uses
+admin.invitations.expired: Expired
--- a/internal/web/admin.go
+++ b/internal/web/admin.go
@ -8,6 +8,7 @@ import (
 	"github.com/thomiceli/opengist/internal/git"
 	"runtime"
 	"strconv"
+	"time"
 )

 func adminIndex(ctx echo.Context) error {
@ -179,3 +180,59 @@ func adminSetConfig(ctx echo.Context) error {
 		"success": true,
 	})
 }
+
+func adminInvitations(ctx echo.Context) error {
+	setData(ctx, "title", "Invitations")
+	setData(ctx, "htmlTitle", "Invitations - Admin panel")
+	setData(ctx, "adminHeaderPage", "invitations")
+
+	var invitations []*db.Invitation
+	var err error
+	if invitations, err = db.GetAllInvitations(); err != nil {
+		return errorRes(500, "Cannot get invites", err)
+	}
+
+	setData(ctx, "invitations", invitations)
+	return html(ctx, "admin_invitations.html")
+}
+
+func adminInvitationsCreate(ctx echo.Context) error {
+	code := ctx.FormValue("code")
+	nbMax, err := strconv.ParseUint(ctx.FormValue("nbMax"), 10, 64)
+	if err != nil {
+		nbMax = 10
+	}
+
+	expiresAtUnix, err := strconv.ParseInt(ctx.FormValue("expiredAtUnix"), 10, 64)
+	if err != nil {
+		expiresAtUnix = time.Now().Unix() + 604800 // 1 week
+	}
+
+	invitation := &db.Invitation{
+		Code:      code,
+		ExpiresAt: expiresAtUnix,
+		NbMax:     uint(nbMax),
+	}
+
+	if err := invitation.Create(); err != nil {
+		return errorRes(500, "Cannot create invitation", err)
+	}
+
+	addFlash(ctx, "Invitation has been created", "success")
+	return redirect(ctx, "/admin-panel/invitations")
+}
+
+func adminInvitationsDelete(ctx echo.Context) error {
+	id, _ := strconv.ParseUint(ctx.Param("id"), 10, 64)
+	invitation, err := db.GetInvitationByID(uint(id))
+	if err != nil {
+		return errorRes(500, "Cannot retrieve invitation", err)
+	}
+
+	if err := invitation.Delete(); err != nil {
+		return errorRes(500, "Cannot delete this invitation", err)
+	}
+
+	addFlash(ctx, "Invitation has been deleted", "success")
+	return redirect(ctx, "/admin-panel/invitations")
+}
--- a/internal/web/auth.go
+++ b/internal/web/auth.go
@ -36,15 +36,38 @@ const (
 var title = cases.Title(language.English)

 func register(ctx echo.Context) error {
+	disableSignup := getData(ctx, "DisableSignup")
+	disableForm := getData(ctx, "DisableLoginForm")
+
+	code := ctx.QueryParam("code")
+	if code != "" {
+		if invitation, err := db.GetInvitationByCode(code); err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
+			return errorRes(500, "Cannot check for invitation code", err)
+		} else if invitation != nil && invitation.IsUsable() {
+			disableSignup = false
+		}
+	}
+
 	setData(ctx, "title", tr(ctx, "auth.new-account"))
 	setData(ctx, "htmlTitle", "New account")
-	setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
+	setData(ctx, "disableForm", disableForm)
+	setData(ctx, "disableSignup", disableSignup)
 	setData(ctx, "isLoginPage", false)
 	return html(ctx, "auth_form.html")
 }

 func processRegister(ctx echo.Context) error {
-	if getData(ctx, "DisableSignup") == true {
+	disableSignup := getData(ctx, "DisableSignup")
+
+	code := ctx.QueryParam("code")
+	invitation, err := db.GetInvitationByCode(code)
+	if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
+		return errorRes(500, "Cannot check for invitation code", err)
+	} else if invitation != nil && invitation.IsUsable() {
+		disableSignup = false
+	}
+
+	if disableSignup == true {
 		return errorRes(403, "Signing up is disabled", nil)
 	}

@ -90,6 +113,10 @@ func processRegister(ctx echo.Context) error {
 		}
 	}

+	if err := invitation.Use(); err != nil {
+		return errorRes(500, "Cannot use invitation", err)
+	}
+
 	sess.Values["user"] = user.ID
 	saveSession(sess, ctx)

--- a/internal/web/gist.go
+++ b/internal/web/gist.go
@ -74,21 +74,7 @@ func gistInit(next echo.HandlerFunc) echo.HandlerFunc {
 			}
 		}

-		httpProtocol := "http"
-		if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
-			httpProtocol = "https"
-		}
-		setData(ctx, "httpProtocol", strings.ToUpper(httpProtocol))
-
-		var baseHttpUrl string
-		// if a custom external url is set, use it
-		if config.C.ExternalUrl != "" {
-			baseHttpUrl = config.C.ExternalUrl
-		} else {
-			baseHttpUrl = httpProtocol + "://" + ctx.Request().Host
-		}
-
-		setData(ctx, "baseHttpUrl", baseHttpUrl)
+		baseHttpUrl := getData(ctx, "baseHttpUrl").(string)

 		if config.C.HttpGit {
 			setData(ctx, "httpCloneUrl", baseHttpUrl+"/"+userName+"/"+gistName+".git")
--- a/internal/web/server.go
+++ b/internal/web/server.go
@ -271,6 +271,9 @@ func NewServer(isDev bool) *Server {
 			g2.POST("/users/:user/delete", adminUserDelete)
 			g2.GET("/gists", adminGists)
 			g2.POST("/gists/:gist/delete", adminGistDelete)
+			g2.GET("/invitations", adminInvitations)
+			g2.POST("/invitations", adminInvitationsCreate)
+			g2.POST("/invitations/:id/delete", adminInvitationsDelete)
 			g2.POST("/sync-fs", adminSyncReposFromFS)
 			g2.POST("/sync-db", adminSyncReposFromDB)
 			g2.POST("/gc-repos", adminGcRepos)
@ -381,6 +384,22 @@ func dataInit(next echo.HandlerFunc) echo.HandlerFunc {
 		setData(ctx, "giteaOauth", config.C.GiteaClientKey != "" && config.C.GiteaSecret != "")
 		setData(ctx, "oidcOauth", config.C.OIDCClientKey != "" && config.C.OIDCSecret != "" && config.C.OIDCDiscoveryUrl != "")

+		httpProtocol := "http"
+		if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
+			httpProtocol = "https"
+		}
+		setData(ctx, "httpProtocol", strings.ToUpper(httpProtocol))
+
+		var baseHttpUrl string
+		// if a custom external url is set, use it
+		if config.C.ExternalUrl != "" {
+			baseHttpUrl = config.C.ExternalUrl
+		} else {
+			baseHttpUrl = httpProtocol + "://" + ctx.Request().Host
+		}
+
+		setData(ctx, "baseHttpUrl", baseHttpUrl)
+
 		return next(ctx)
 	}
 }