From 961eaba0194d218ea053de2dac0f910bb87fce22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Loipf=C3=BChrer?= Date: Thu, 4 Jan 2024 18:52:49 +0100 Subject: [PATCH] feat: add config option to disable enamil confirmation --- abrechnung/application/users.py | 5 ++++- abrechnung/config.py | 1 + docs/usage/configuration.rst | 36 +++++++++++++++++++++++++++++---- tests/test_auth.py | 14 +++++++++++++ 4 files changed, 51 insertions(+), 5 deletions(-) diff --git a/abrechnung/application/users.py b/abrechnung/application/users.py index 62482986..75ac0b6c 100644 --- a/abrechnung/application/users.py +++ b/abrechnung/application/users.py @@ -53,6 +53,7 @@ def __init__( super().__init__(db_pool=db_pool, config=config) self.enable_registration = self.cfg.registration.enabled + self.require_email_confirmation = self.cfg.registration.require_email_confirmation self.allow_guest_users = self.cfg.registration.allow_guest_users self.valid_email_domains = self.cfg.registration.valid_email_domains @@ -172,7 +173,7 @@ async def demo_register_user(self, *, conn: Connection, username: str, email: st def _validate_email_address(email: str) -> str: try: valid = validate_email(email) - email = valid.email + email = valid.normalized except EmailNotValidError as e: raise InvalidCommand(str(e)) @@ -203,6 +204,8 @@ async def register_user( if not self.enable_registration: raise PermissionError(f"User registrations are disabled on this server") + requires_email_confirmation = self.require_email_confirmation and requires_email_confirmation + await _check_user_exists(conn=conn, username=username, email=email) email = self._validate_email_address(email) diff --git a/abrechnung/config.py b/abrechnung/config.py index 679fe107..9834637c 100644 --- a/abrechnung/config.py +++ b/abrechnung/config.py @@ -37,6 +37,7 @@ class RegistrationConfig(BaseModel): enabled: bool = False allow_guest_users: bool = False valid_email_domains: Optional[List[str]] = None + require_email_confirmation: bool = True class EmailConfig(BaseModel): diff --git a/docs/usage/configuration.rst b/docs/usage/configuration.rst index 2bca155b..f1f1b91f 100644 --- a/docs/usage/configuration.rst +++ b/docs/usage/configuration.rst @@ -67,8 +67,7 @@ The config will then look like port: 8080 id: default -In most cases there is no need to adjust either the ``host``, ``port`` or ``id`` options. For an overview of all -possible options see :ref:`abrechnung-config-all-options`. +In most cases there is no need to adjust either the ``host``, ``port`` or ``id`` options. E-Mail Delivery --------------- @@ -96,10 +95,39 @@ Currently supported ``mode`` options are The ``auth`` section is optional, if omitted the mail delivery daemon will try to connect to the mail server without authentication. -.. _abrechnung-config-all-options: +User Registration +----------------- + +This section allows to configure how users can register at the abrechnung instance. +By default open registration is disabled. + +When enabling registration without any additional settings any user will be able to create an account and use it after +a successful email confirmation. + +E-mail confirmation can be turned of by setting the respective config variable to ``false``. + +.. code-block:: yaml + + registration: + enabled: true + require_email_confirmation: true + +Additionally open registration can be restricted adding domains to the ``valid_email_domains`` config variable. +This will restrict account creation to users who possess an email from one of the configured domains. +To still allow outside users to take part the ``allow_guest_users`` flag can be set which enables users to create a +"guest" account when in possession of a valid group invite link. +Guest users will not be able to create new groups themselves but can take part in groups they are invited to normally. + +.. code-block:: yaml + + registration: + enabled: true + require_email_confirmation: true + valid_email_domains: ["some-domain.com"] + allow_guest_users: true Configuration via Environment Variables ----------------------- +--------------------------------------- All of the configuration options set in the config yaml file can also be set via environment variables. The respective environment variable name for a config variable is in the pattern ``ABRECHNUNG___``. diff --git a/tests/test_auth.py b/tests/test_auth.py index 84160797..78382e90 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -67,3 +67,17 @@ async def test_register_guest_user(self): email="invalid-something@something.com", password="asdf1234", ) + + async def test_register_without_email_confirmation(self): + config = TEST_CONFIG.model_copy(deep=True) + config.registration.require_email_confirmation = False + user_service = UserService(self.db_pool, config=config) + + user_id = await user_service.register_user( + username="guest user 1", + email="foobar@something.com", + password="asdf1234", + ) + self.assertIsNotNone(user_id) + user = await user_service.get_user(user_id=user_id) + self.assertFalse(user.pending)