From 6a0fd92516a6dbad3cde3250ea967187910b6a9a Mon Sep 17 00:00:00 2001 From: Thomas Miceli Date: Mon, 17 Apr 2023 20:33:24 +0200 Subject: [PATCH] Block Oauth when signup is disabled --- internal/web/auth.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/internal/web/auth.go b/internal/web/auth.go index 1e21a6a..a396edb 100644 --- a/internal/web/auth.go +++ b/internal/web/auth.go @@ -162,6 +162,10 @@ func oauthCallback(ctx echo.Context) error { } if err = userDB.Create(); err != nil { + if getData(ctx, "signupDisabled") == true { + return errorRes(403, "Signing up is disabled", nil) + } + if models.IsUniqueConstraintViolation(err) { addFlash(ctx, "Username "+user.NickName+" already exists in Opengist", "error") return redirect(ctx, "/login")