Created global 'openRegistration' variable to control admin restricti…

…on over POST /users/regiser route
skelpo · Jun 5, 2018 · 8f623b5 · 8f623b5
1 parent 80aa7f3
commit 8f623b5
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 2 deletions.
diff --git a/Sources/App/Configuration/configure.swift b/Sources/App/Configuration/configure.swift
@@ -9,9 +9,14 @@ import Vapor
 
 /// Used to check wheather we should send a confirmation email when a user creates an account,
 /// or if they should be auto-confirmed.
-/// Note: This variable is set through the environment variable "EMAIL_CONFIRMATION" and "on/off" as values.
+/// - Note: This variable is set through the environment variable "EMAIL_CONFIRMATION" and "on/off" as values.
 var emailConfirmation: Bool = true
 
+/// The configuration key for wheather user registration is open to the public
+/// or must be executed by an admin user.
+/// - Note: This variable can be set through the environment variable "OPEN_REGISTRATION" and "on/off" as values.
+var openRegistration: Bool = false
+
 /// Called before your application initializes.
 ///
 /// https://docs.vapor.codes/3.0/getting-started/structure/#configureswift
@@ -91,7 +96,9 @@ public func configure(
 
     let emailFrom = Environment.get("EMAIL_FROM") ?? "info@skelpo.com"
     let emailURL = Environment.get("EMAIL_URL") ?? "http://localhost:8080/v1/users/activate"
+
     emailConfirmation = Environment.get("EMAIL_CONFIRMATION")=="on"
+    openRegistration = Environment.get("OPEN_REGISTRATION")=="off"
 
     /// Register the `AppConfig` service,
     /// used to store arbitrary data.

diff --git a/Sources/App/Controllers/AuthController.swift b/Sources/App/Controllers/AuthController.swift
@@ -11,7 +11,7 @@ import JWT
 /// A route controller that handles user authentication with JWT.
 final class AuthController: RouteCollection {
     func boot(router: Router) throws {
-        let restrictions = emailConfirmation ? [] : [RouteRestriction<UserStatus>(.POST, at: any, "users", "register", allowed: [.admin])]
+        let restrictions = openRegistration ? [] : [RouteRestriction<UserStatus>(.POST, at: any, "users", "register", allowed: [.admin])]
 
         let auth = router.grouped(any, "users").grouped(
             RouteRestrictionMiddleware<UserStatus, Payload, User>(