mirror of
https://forgejo.ellis.link/continuwuation/continuwuity/
synced 2026-07-09 13:01:42 +00:00
Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| b732c3ad8a |
@@ -1959,10 +1959,8 @@
|
||||
#
|
||||
#sender =
|
||||
|
||||
# Whether to allow public registration with an email address.
|
||||
#
|
||||
# Note that, if this option is enabled, anyone will be able to register an
|
||||
# account with just an email address.
|
||||
# Whether to require that users provide an email address when they
|
||||
# register.
|
||||
#
|
||||
# If either this option or `require_email_for_token_registration` are set,
|
||||
# users will not be allowed to remove their email address.
|
||||
@@ -1970,7 +1968,6 @@
|
||||
#require_email_for_registration = false
|
||||
|
||||
# Whether to require that users who register with a registration token
|
||||
# provide an email address. This option is independent of
|
||||
# `require_email_for_registration`.
|
||||
# provide an email address.
|
||||
#
|
||||
#require_email_for_token_registration = false
|
||||
|
||||
+17
-4
@@ -9,6 +9,7 @@
|
||||
AccessToken, AccessTokenOptional, AppserviceToken, AppserviceTokenOptional,
|
||||
AuthScheme, NoAccessToken, NoAuthentication,
|
||||
},
|
||||
client,
|
||||
federation::authentication::ServerSignatures,
|
||||
},
|
||||
};
|
||||
@@ -116,10 +117,9 @@ async fn verify<B: AsRef<[u8]> + Sync>(
|
||||
.await
|
||||
.is_ok_and(std::convert::identity)
|
||||
{
|
||||
if !(route == TypeId::of::<ruma::api::client::session::logout::v3::Request>()
|
||||
|| route
|
||||
== TypeId::of::<ruma::api::client::session::logout_all::v3::Request>(
|
||||
)) {
|
||||
if !(route == TypeId::of::<client::session::logout::v3::Request>()
|
||||
|| route == TypeId::of::<client::session::logout_all::v3::Request>())
|
||||
{
|
||||
return Err!(Request(Unauthorized("Your account is locked.")));
|
||||
}
|
||||
}
|
||||
@@ -258,6 +258,19 @@ async fn verify<B: AsRef<[u8]> + Sync>(
|
||||
err!(Request(Unauthorized(warn!("Failed to extract authorization: {}", err))))
|
||||
})?;
|
||||
|
||||
// Check special access restrictions
|
||||
if (route == TypeId::of::<client::profile::get_avatar_url::v3::Request>()
|
||||
|| route == TypeId::of::<client::profile::get_display_name::v3::Request>()
|
||||
|| route == TypeId::of::<client::profile::get_profile_field::v3::Request>()
|
||||
|| route == TypeId::of::<client::profile::get_profile::v3::Request>())
|
||||
&& services.config.require_auth_for_profile_requests
|
||||
&& token.is_none()
|
||||
{
|
||||
return Err!(Request(Unauthorized(
|
||||
"This server requires authentication to access user profiles."
|
||||
)));
|
||||
}
|
||||
|
||||
<AccessTokenOptional as CheckAuth>::verify(services, token, request, query, route).await
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2318,10 +2318,8 @@ pub struct SmtpConfig {
|
||||
/// - `address@domain.org` to not use a name
|
||||
pub sender: Mailbox,
|
||||
|
||||
/// Whether to allow public registration with an email address.
|
||||
///
|
||||
/// Note that, if this option is enabled, anyone will be able to register an
|
||||
/// account with just an email address.
|
||||
/// Whether to require that users provide an email address when they
|
||||
/// register.
|
||||
///
|
||||
/// If either this option or `require_email_for_token_registration` are set,
|
||||
/// users will not be allowed to remove their email address.
|
||||
@@ -2331,8 +2329,7 @@ pub struct SmtpConfig {
|
||||
pub require_email_for_registration: bool,
|
||||
|
||||
/// Whether to require that users who register with a registration token
|
||||
/// provide an email address. This option is independent of
|
||||
/// `require_email_for_registration`.
|
||||
/// provide an email address.
|
||||
///
|
||||
/// default: false
|
||||
#[serde(default)]
|
||||
|
||||
Reference in New Issue
Block a user