From 22cffaffcab82b907d72ecd16294b7177ed007df Mon Sep 17 00:00:00 2001 From: Miguel Nogueira Date: Wed, 6 Aug 2025 13:35:37 +0100 Subject: [PATCH] feat: add registration control setting, invites (WIP) Signed-off-by: Miguel Nogueira --- app/Http/Controllers/OptionsController.php | 3 + .../SecuritySettingsController.php | 1 + app/Services/SecuritySettingsService.php | 1 + database/seeders/DefaultOptionsSeeder.php | 1 + resources/views/auth/register.blade.php | 194 +++++++++++------- .../views/breadcrumbs/auth/main.blade.php | 2 +- .../administration/settings.blade.php | 8 + routes/web.php | 4 + 8 files changed, 134 insertions(+), 80 deletions(-) diff --git a/app/Http/Controllers/OptionsController.php b/app/Http/Controllers/OptionsController.php index 7fbbcc3..6285faf 100644 --- a/app/Http/Controllers/OptionsController.php +++ b/app/Http/Controllers/OptionsController.php @@ -55,6 +55,9 @@ class OptionsController extends Controller 'requiresPMC' => Options::getOption('requireGameLicense'), 'enforce2fa' => Options::getOption('force2fa'), ], + 'features' => [ + 'enableRegistrations' => Options::getOption('enable_registrations') + ], 'currentGame' => Options::getOption('currentGame'), ]); } diff --git a/app/Http/Controllers/SecuritySettingsController.php b/app/Http/Controllers/SecuritySettingsController.php index af0ba31..7a53ab7 100644 --- a/app/Http/Controllers/SecuritySettingsController.php +++ b/app/Http/Controllers/SecuritySettingsController.php @@ -21,6 +21,7 @@ class SecuritySettingsController extends Controller 'pwExpiry' => $request->pwExpiry, 'enforce2fa' => $request->enforce2fa, 'requirePMC' => $request->requirePMC, + 'enable_registrations' => $request->input('enable_registrations') ]); return redirect() diff --git a/app/Services/SecuritySettingsService.php b/app/Services/SecuritySettingsService.php index b170b0f..763940b 100644 --- a/app/Services/SecuritySettingsService.php +++ b/app/Services/SecuritySettingsService.php @@ -40,6 +40,7 @@ class SecuritySettingsService Options::changeOption('password_expiry', $options['pwExpiry']); Options::changeOption('force2fa', $options['enforce2fa']); Options::changeOption('requireGameLicense', $options['requirePMC']); + Options::changeOption('enable_registrations', $options['enable_registrations']); return true; } diff --git a/database/seeders/DefaultOptionsSeeder.php b/database/seeders/DefaultOptionsSeeder.php index 365a0b7..001bde3 100644 --- a/database/seeders/DefaultOptionsSeeder.php +++ b/database/seeders/DefaultOptionsSeeder.php @@ -54,5 +54,6 @@ class DefaultOptionsSeeder extends Seeder Options::setOption('enable_slack_notifications', true, 'Enable slack notifications', 'notifications'); Options::setOption('enable_email_notifications', true, 'Enable e-mail notifications', 'notifications'); + Options::setOption('enable_registrations', true, 'Enable sign-uos', 'app_features'); } } diff --git a/resources/views/auth/register.blade.php b/resources/views/auth/register.blade.php index 2e16ffd..b3c81c1 100644 --- a/resources/views/auth/register.blade.php +++ b/resources/views/auth/register.blade.php @@ -13,98 +13,134 @@
- - @if(\App\Facades\Options::getOption('pw_security_policy') !== 'off') + @if(\App\Facades\Options::getOption('enable_registrations') == true) + -
- × -

{{__('Basic password security')}}

-

{{__("For your security, we implement strict password policies. It's also advisable to let your password manager or browser generate and save passwords for you (if it's a private device).")}}

+ @if(\App\Facades\Options::getOption('pw_security_policy') !== 'off') -

{{__('Passwords must be a combination of:')}}

-
    - @switch(\App\Facades\Options::getOption('pw_security_policy')) +
    + × +

    {{__('Basic password security')}}

    +

    {{__("For your security, we implement strict password policies. It's also advisable to let your password manager or browser generate and save passwords for you (if it's a private device).")}}

    - @case('low') -
  • {{ __('A minimum of 10 characters') }}
    • - @break +

    {{__('Passwords must be a combination of:')}}

    +
      + @switch(\App\Facades\Options::getOption('pw_security_policy')) - @case('medium') -
    • {{ __('A minimum of 12 characters;') }}
      • -
    • {{ __('At least one special character;') }}
      • -
    • {{ __('Lower case and upper case characters') }}
      • - @break + @case('low') +
    • {{ __('A minimum of 10 characters') }}
      • + @break - @case('high') -
    • {{ __('A minimum of 20 characters;') }}
      • -
    • {{ __('At least one special character;') }}
      • -
    • {{ __('Lower case and upper case characters') }}
      • -
    • {{ __('At least one numerical character') }}
      • - @break + @case('medium') +
    • {{ __('A minimum of 12 characters;') }}
      • +
    • {{ __('At least one special character;') }}
      • +
    • {{ __('Lower case and upper case characters') }}
      • + @break - @endswitch -
    -
    + @case('high') +
  • {{ __('A minimum of 20 characters;') }}
    • +
  • {{ __('At least one special character;') }}
    • +
  • {{ __('Lower case and upper case characters') }}
    • +
  • {{ __('At least one numerical character') }}
    • + @break - @endif + @endswitch +
+
- @if($demoActive) -
-

{{ __('Warning') }}

-

{{ __('Do not use real credentials here. The application is in demo mode. Additionally, the database is wiped every day.') }}

+ @endif -

{{ __("Also note: If a game license is required to sign up, you may find valid MC usernames at NameMC. No special validation is performed other than contacting Mojang's authentication servers to verify the username's existence, therefore, you can use any username for testing purposes.") }}

+ @if($demoActive) +
+

{{ __('Warning') }}

+

{{ __('Do not use real credentials here. The application is in demo mode. Additionally, the database is wiped every day.') }}

+ +

{{ __("Also note: If a game license is required to sign up, you may find valid MC usernames at NameMC. No special validation is performed other than contacting Mojang's authentication servers to verify the username's existence, therefore, you can use any username for testing purposes.") }}

+
+ @endif + +
+ @csrf +
+ + +
+
+ + +
+
+ + +
+
+ + +
+ +
+ + + {!! __("Why do we need this? We use your age information to make sure you meet age requirements for certain positions, and to make sure that everyone is compliant with our terms of service.") !!} +
+ + @if(\App\Facades\Options::getOption('requireGameLicense') && \App\Facades\Options::getOption('currentGame') == 'MINECRAFT') +
+ + +
+ @endif + +
+ +
+ + +
+ + + @else +
+ {{ __('Sorry, but new signups are currently closed.') }} +

{{ __('Due to an internal policy, new accounts cannot be created, and so you will not be able to sign up for an account. If you already have an account with us, you can still sign-in as you usually would.') }}

+ +
+ {{ __('I\'m trying to sign up so I can apply for a vacancy here. What does this restriction mean for me?') }} +

{{ __('Effectively, this means that you will not be able to apply for any of our vacancies unless you already have an account. However, if you\'ve received an invitation to create an account or apply for a vacancy, you still can, but you must use the sign-up invitation link sent to your email address.') }}

+

{!! __('Alternatively, if you don\'t have an invitation, feel free to :requestInviteLink.', ['requestInviteLink' => '' . __('request an invite') . '']) !!}

+
+ + + + @endif -
- @csrf -
- - -
-
- - -
-
- - -
-
- - -
- -
- - - {!! __("Why do we need this? We use your age information to make sure you meet age requirements for certain positions, and to make sure that everyone is compliant with our terms of service.") !!} -
- - @if(\App\Facades\Options::getOption('requireGameLicense') && \App\Facades\Options::getOption('currentGame') == 'MINECRAFT') -
- - -
- @endif - -
- -
- - -
- - -
+
+ + + +

{{ __('Unchecking this box will stop people from signing up to :appName and disable the associated form. However, you will still be able to invite users and create new accounts from the administrative UI if you so choose.', ['appName' => config('app.name')]) }}

+ +
+ diff --git a/routes/web.php b/routes/web.php index 635e8ec..e884c94 100644 --- a/routes/web.php +++ b/routes/web.php @@ -29,6 +29,7 @@ use App\Http\Controllers\DashboardController; use App\Http\Controllers\DevToolsController; use App\Http\Controllers\FormController; use App\Http\Controllers\HomeController; +use App\Http\Controllers\InvitationController; use App\Http\Controllers\OptionsController; use App\Http\Controllers\ProfileController; use App\Http\Controllers\SecuritySettingsController; @@ -57,6 +58,9 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo 'verify' => true, ]); + Route::post('/invitations/request', [InvitationController::class, 'requestInvite']) + ->name('invitations.request'); + Route::post('/twofa/authenticate', [TwofaController::class, 'verify2FA']) ->name('verify2FA');