Allowing auth to be disabled in config.

2021-03-16 04:12:05 +01:00 · 2021-03-16 04:12:05 +01:00 · 0d7a03f3e5
parent 1703e9a541
commit 0d7a03f3e5
7 changed files with 36 additions and 3 deletions
--- a/assets/components/auth/login.vue
+++ b/assets/components/auth/login.vue
@ -64,6 +64,12 @@ async function login() {
 	}
 }

+function mounted() {
+	if (!this.$store.state.auth.enabled) {
+		this.$router.replace({ name: 'not-found' });
+	}
+}
+
 export default {
 	data() {
 		return {
@ -73,6 +79,7 @@ export default {
 			error: null,
 		};
 	},
+	mounted,
 	methods: {
 		login,
 	},
--- a/assets/components/auth/signup.vue
+++ b/assets/components/auth/signup.vue
@ -73,6 +73,12 @@ async function signup() {
 	}
 }

+function mounted() {
+	if (!this.$store.state.auth.enabled) {
+		this.$router.replace({ name: 'not-found' });
+	}
+}
+
 export default {
 	data() {
 		return {
@ -83,6 +89,7 @@ export default {
 			error: null,
 		};
 	},
+	mounted,
 	methods: {
 		signup,
 	},
--- a/assets/components/header/menu.vue
+++ b/assets/components/header/menu.vue
@ -2,13 +2,13 @@
 	<div class="menu">
 		<ul class="menu-items noselect">
 			<router-link
-				v-if="me"
+				v-if="auth && me"
 				:to="{ name: 'user', params: { username: me.username } }"
 				class="menu-username"
 			>{{ me.username }}</router-link>

 			<router-link
-				v-else
+				v-else-if="auth"
 				:to="{ name: 'login', query: { ref: $route.path } }"
 				class="menu-item"
 				@click.stop
@ -17,7 +17,7 @@
 			</router-link>

 			<li
-				v-if="me"
+				v-if="auth && me"
 				class="menu-item"
 				@click.stop="$store.dispatch('logout')"
 			>
@ -89,6 +89,10 @@ function theme(state) {
 	return state.ui.theme;
 }

+function auth(state) {
+	return state.auth.enabled;
+}
+
 function me(state) {
 	return state.auth.user;
 }
@ -104,6 +108,7 @@ function setSfw(enabled) {
 export default {
 	computed: {
 		...mapState({
+			auth,
 			sfw,
 			theme,
 			me,
--- a/assets/js/auth/state.js
+++ b/assets/js/auth/state.js
@ -1,3 +1,4 @@
 export default {
+	enabled: window.env.auth,
 	user: null,
 };
--- a/config/default.js
+++ b/config/default.js
@ -33,6 +33,9 @@ module.exports = {
 		accessKey: 'ABCDEFGHIJ1234567890',
 		secretKey: 'abcdefghijklmnopqrstuvwxyz1234567890ABCD',
 	},
+	auth: {
+		enabled: true,
+	},
 	exclude: {
 		channels: [
 			// 21sextreme, no longer updated
--- a/src/auth.js
+++ b/src/auth.js
@ -1,5 +1,6 @@
 'use strict';

+const config = require('config');
 const util = require('util');
 const crypto = require('crypto');

@ -21,6 +22,10 @@ async function verifyPassword(password, storedPassword) {
 }

 async function login(credentials) {
+	if (!config.auth.enabled) {
+		throw new HttpError('Authentication is disabled', 405);
+	}
+
 	const user = await fetchUser(credentials.username, true);

 	if (!user) {
@ -33,6 +38,10 @@ async function login(credentials) {
 }

 async function signup(credentials) {
+	if (!config.auth.enabled) {
+		throw new HttpError('Authentication is disabled', 405);
+	}
+
 	if (!credentials.username) {
 		throw new HttpError('Username required', 400);
 	}
--- a/src/web/server.js
+++ b/src/web/server.js
@ -116,6 +116,7 @@ async function initServer() {
 		res.render(path.join(__dirname, '../../assets/index.ejs'), {
 			env: JSON.stringify({
 				sfw: !!req.headers.sfw || Object.prototype.hasOwnProperty.call(req.query, 'sfw'),
+				auth: config.auth.enabled,
 				sessionId: req.session.safeId,
 			}),
 		});