Disable public user registration #1873

Closed
tmelikoff opened this Issue Apr 6, 2016 · 15 comments

Comments

Projects
None yet
@tmelikoff

It would be really useful to disable public user registration and allowing only the administrator to create new accounts. I believe that some of us use wallabag only for personal use (or family).

Also, if such option (configuration file or switch in control panel) were enabled, registration button should be hidden in the homepage.

Thank you.

@tcitworld tcitworld added the Feature label Apr 6, 2016

@tcitworld tcitworld added this to the 2.0.1 milestone Apr 6, 2016

@nicosomb nicosomb modified the milestones: 2.2.0, 2.0.1 Apr 6, 2016

@NerosTie

This comment has been minimized.

Show comment
Hide comment
@NerosTie

NerosTie Apr 7, 2016

Until there is a solution and if you use Nginx, add this in your configuration:

    location ^~ /register {
      deny all;
      return 403;
    }

NerosTie commented Apr 7, 2016

Until there is a solution and if you use Nginx, add this in your configuration:

    location ^~ /register {
      deny all;
      return 403;
    }
@ebal

This comment has been minimized.

Show comment
Hide comment
@ebal

ebal Apr 12, 2016

This is the work-around for httpd-2.2.15

 <LocationMatch "/register">
     Deny from All
 </LocationMatch>

ebal commented Apr 12, 2016

This is the work-around for httpd-2.2.15

 <LocationMatch "/register">
     Deny from All
 </LocationMatch>
@fabsh

This comment has been minimized.

Show comment
Hide comment
@fabsh

fabsh May 3, 2016

Uhm. This is a rather important feature, I would think. I'm guessing a lot of people install this app to for their own use only. I would like to be able to prevent other people from using my server resources. Version 2.x suggest production ready to me. But an app with such a glaring oversight can hadly be used in production...

Edit: Just to drive this point home... There could be very bad legal repercussions here. If somebody uses this to store links to illegal content on my server, it could mean serious jail time for me in my jurisdiction (Germany). Say child porn or links to neo nazi sites. This is bad.

fabsh commented May 3, 2016

Uhm. This is a rather important feature, I would think. I'm guessing a lot of people install this app to for their own use only. I would like to be able to prevent other people from using my server resources. Version 2.x suggest production ready to me. But an app with such a glaring oversight can hadly be used in production...

Edit: Just to drive this point home... There could be very bad legal repercussions here. If somebody uses this to store links to illegal content on my server, it could mean serious jail time for me in my jurisdiction (Germany). Say child porn or links to neo nazi sites. This is bad.

@nicosomb

This comment has been minimized.

Show comment
Hide comment
@nicosomb

nicosomb May 3, 2016

Member

@j0k3r what is the best way? A parameter (true/false)? If true, we hide the register button and we override the register route like here http://stackoverflow.com/a/32332378?

Member

nicosomb commented May 3, 2016

@j0k3r what is the best way? A parameter (true/false)? If true, we hide the register button and we override the register route like here http://stackoverflow.com/a/32332378?

@j0k3r j0k3r added the Easy bug label May 3, 2016

@j0k3r

This comment has been minimized.

Show comment
Hide comment
@j0k3r

j0k3r May 3, 2016

Member

@nicosomb Yeah could a good idea. An extra parameter in internal configuration.

Member

j0k3r commented May 3, 2016

@nicosomb Yeah could a good idea. An extra parameter in internal configuration.

@nicosomb

This comment has been minimized.

Show comment
Hide comment
@nicosomb

nicosomb May 3, 2016

Member

I think it's the easier way. OK, I change the milestone.

Member

nicosomb commented May 3, 2016

I think it's the easier way. OK, I change the milestone.

@nicosomb

This comment has been minimized.

Show comment
Hide comment
@nicosomb

nicosomb Aug 28, 2016

Member

Done by @tcitworld in #2186 👍 .

Member

nicosomb commented Aug 28, 2016

Done by @tcitworld in #2186 👍 .

@danicotillas

This comment has been minimized.

Show comment
Hide comment
@danicotillas

danicotillas Jun 1, 2017

@nicosomb I can´t find this option on the Configuration panel, How can i disable it?

@nicosomb I can´t find this option on the Configuration panel, How can i disable it?

@tcitworld

This comment has been minimized.

Show comment
Hide comment
@tcitworld

tcitworld Jun 1, 2017

Member

@danicotillas It's in the app/config/parameters.yml file, named fosuser_registration.

Member

tcitworld commented Jun 1, 2017

@danicotillas It's in the app/config/parameters.yml file, named fosuser_registration.

@danicotillas

This comment has been minimized.

Show comment
Hide comment
@danicotillas

danicotillas Jun 1, 2017

@tcitworld Thanks, I change it to "false" but it still appears... What are the changes I should make?

@tcitworld Thanks, I change it to "false" but it still appears... What are the changes I should make?

@tcitworld

This comment has been minimized.

Show comment
Hide comment
@tcitworld

tcitworld Jun 1, 2017

Member

Clear the cache bin/console cache:clear -e prod

Member

tcitworld commented Jun 1, 2017

Clear the cache bin/console cache:clear -e prod

@ecodiv

This comment has been minimized.

Show comment
Hide comment
@ecodiv

ecodiv Aug 13, 2017

I have changed the parameters.yml as suggested. But how do I clear the cache using the above? Do I need command line access I have Wallabag installed on a shared webhosting site, installed via Softaculous script installer)?

ecodiv commented Aug 13, 2017

I have changed the parameters.yml as suggested. But how do I clear the cache using the above? Do I need command line access I have Wallabag installed on a shared webhosting site, installed via Softaculous script installer)?

@ecodiv

This comment has been minimized.

Show comment
Hide comment
@ecodiv

ecodiv Aug 13, 2017

OK, got it, doing:

  1. Open the file in the folder app/config/parameters.yml
  2. Set fosuser_registration = false
  3. connect to your server using ssh (command line)
  4. Go to the root folder of your Wallabag installation
  5. Run php bin/console cache:clear -e prod

Would still be nice to have this as a click-able option on the internal configuration panel.

ecodiv commented Aug 13, 2017

OK, got it, doing:

  1. Open the file in the folder app/config/parameters.yml
  2. Set fosuser_registration = false
  3. connect to your server using ssh (command line)
  4. Go to the root folder of your Wallabag installation
  5. Run php bin/console cache:clear -e prod

Would still be nice to have this as a click-able option on the internal configuration panel.

@viktormadarasz

This comment has been minimized.

Show comment
Hide comment
@viktormadarasz

viktormadarasz Aug 29, 2017

Hi @ecodiv
I tried the same on my docker instance but it keeps regenerating the parameters.yml with the value true

Hi @ecodiv
I tried the same on my docker instance but it keeps regenerating the parameters.yml with the value true

@loomchild loomchild referenced this issue in puffinrocks/wallabag Sep 4, 2017

Open

Disable user registration #2

@STaRDoGG

This comment has been minimized.

Show comment
Hide comment
@STaRDoGG

STaRDoGG Mar 22, 2018

How come this isn't added as a simple check-box in the options?

Also, why isn't there a simple button/link in options to clear the cache? lol

How come this isn't added as a simple check-box in the options?

Also, why isn't there a simple button/link in options to clear the cache? lol

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment