add(#1, #2, #4, #7): implemented registration within canaille

canaille/app/flask.py

@@ -80,6 +80,31 @@ def smtp_needed():
     return wrapper
 
 
+def registration_needed():
+    def wrapper(view_function):
+        @wraps(view_function)
+        def decorator(*args, **kwargs):
+            if "REGISTRATION" in current_app.config:
+                return view_function(*args, **kwargs)
+
+            message = _("Registration has not been enabled")
+            logging.warning(message)
+            return (
+                render_template(
+                    "error.html",
+                    error=500,
+                    icon="tools",
+                    debug=current_app.config.get("DEBUG", False),
+                    description=message,
+                ),
+                500,
+            )
+
+        return decorator
+
+    return wrapper
+
+
 def set_parameter_in_url_query(url, **kwargs):
     split = list(urlsplit(url))
     pairs = split[3].split("&")

canaille/conf/config.sample.toml

@@ -219,3 +219,9 @@ PUBLIC_KEY = "canaille/conf/public.pem"
 # LOGIN = ""
 # PASSWORD = ""
 # FROM_ADDR = "admin@mydomain.tld"
+
+# The registration options. If not set, registration will be disabled. Requires SMTP to work.
+# Groups should be formatted like this: ["<GROUP_NAME_ATTRIBUTE>=group_name,<GROUP_BASE>", ...]
+# [REGISTRATION]
+# GROUPS=[]
+# CAN_EDIT_USERNAME = false

canaille/core/account.py

@@ -11,7 +11,7 @@ from canaille.app import default_fields
 from canaille.app import models
 from canaille.app import obj_to_b64
 from canaille.app import profile_hash
-from canaille.app.flask import current_user
+from canaille.app.flask import current_user, registration_needed
 from canaille.app.flask import permissions_needed
 from canaille.app.flask import render_htmx_template
 from canaille.app.flask import request_is_htmx
@@ -44,7 +44,7 @@ from .forms import MINIMUM_PASSWORD_LENGTH
 from .forms import PasswordForm
 from .forms import PasswordResetForm
 from .forms import profile_form
-from .mails import send_invitation_mail
+from .mails import send_invitation_mail, send_registration_mail
 from .mails import send_password_initialization_mail
 from .mails import send_password_reset_mail
 
@@ -56,6 +56,12 @@ bp = Blueprint("account", __name__)
 def index():
     user = current_user()
 
+    if "SMTP" not in current_app.config:
+        return redirect(url_for("account.login"))
+
+    if "REGISTRATION" not in current_app.config:
+        return redirect(url_for("account.login"))
+
     if not user:
         return redirect(url_for("account.onboarding"))
 
@@ -70,9 +76,11 @@ def index():
     return redirect(url_for("account.about"))
 
 
-# TODO: ignore onboarding if SMTP not enabled, redirect to account.login
 @bp.route("/onboarding", methods=("GET", "POST"))
+@smtp_needed()
+@registration_needed()
 def onboarding():
+
     if current_user():
         return redirect(
             url_for("account.profile_edition", username=current_user().user_name[0])
@@ -96,9 +104,9 @@ def onboarding():
     )
 
 
-# TODO: add Captcha support
 @bp.route("/join", methods=("GET", "POST"))
 @smtp_needed()
+@registration_needed()
 def join():
     if current_user():
         return redirect(
@@ -107,16 +115,15 @@ def join():
     form = JoinForm(request.form or None)
 
     email_sent = None
-    registration_url = None
     form_validated = False
     if request.form and form.validate():
         form_validated = True
         invitation = Invitation(
             datetime.datetime.now(datetime.timezone.utc).isoformat(),
             form.user_name.data,
-            False,  # TODO: allow admin to set this in settings
+            current_app.config["REGISTRATION"].get("CAN_EDIT_USERNAME", False),
             form.email.data,
-            [],  # TODO: allow admin to set this in settings
+            current_app.config["REGISTRATION"].get("GROUPS", []),
         )
         registration_url = url_for(
             "account.registration",
@@ -125,13 +132,12 @@ def join():
             _external=True,
         )
 
-        email_sent = send_invitation_mail(form.email.data, registration_url)
+        email_sent = send_registration_mail(form.email.data, registration_url)
         if email_sent:
             flash(_("You've received an email to continue the registration process."), "success")
             return redirect(
                 url_for("account.login")
             )
-        # TODO: flash in case of server error
 
     return render_template(
         "profile_add.html",

demo/conf-docker/canaille.toml

@@ -215,7 +215,7 @@ PUBLIC_KEY = "conf/public.pem"
 # WEBSITE = "{{ user.profile_url[0] }}"
 
 # The SMTP server options. If not set, mail related features such as
-# user invitations, and password reset emails, will be disabled.
+# user invitations, password reset emails, and registration will be disabled.
 [SMTP]
 # HOST = "localhost"
 # PORT = 25
@@ -224,3 +224,9 @@ PUBLIC_KEY = "conf/public.pem"
 # LOGIN = ""
 # PASSWORD = ""
 # FROM_ADDR = "admin@mydomain.tld"
+
+# The registration options. If not set, registration will be disabled. Requires SMTP to work.
+# Groups should be formatted like this: ["<GROUP_NAME_ATTRIBUTE>=group_name,<GROUP_BASE>", ...]
+# [REGISTRATION]
+# GROUPS=[]
+# CAN_EDIT_USERNAME = false

demo/conf/canaille.toml

@@ -225,3 +225,10 @@ PUBLIC_KEY = "conf/public.pem"
 # LOGIN = ""
 # PASSWORD = ""
 # FROM_ADDR = "admin@mydomain.tld"
+
+
+# The registration options. If not set, registration will be disabled. Requires SMTP to work.
+# Groups should be formatted like this: ["<GROUP_NAME_ATTRIBUTE>=group_name,<GROUP_BASE>", ...]
+# [REGISTRATION]
+# GROUPS=[]
+# CAN_EDIT_USERNAME = false