diff --git a/config_example.json b/config_example.json
index 0d59ccf..4eea3ba 100644
--- a/config_example.json
+++ b/config_example.json
@@ -114,6 +114,7 @@
"swf_thumb": "/s/img/swf.png",
"open_registration": true,
"open_registration_web_toggle": false,
+ "open_registration_require_mail_andor_token": false,
"private_society": false,
"private_society_gate": "cloudflare",
"paths": {
diff --git a/src/inc/routes/register.mjs b/src/inc/routes/register.mjs
index cf1c8f8..476d539 100644
--- a/src/inc/routes/register.mjs
+++ b/src/inc/routes/register.mjs
@@ -1,7 +1,7 @@
import db from "../sql.mjs";
import lib from "../lib.mjs";
import security from "../security.mjs";
-import { getRegistrationOpen, getDefaultLayout } from "../settings.mjs";
+import { getRegistrationOpen, getRegistrationRequireMailAndorToken, getDefaultLayout } from "../settings.mjs";
import { sendMail } from "../../lib/smtp.mjs";
import cfg from "../config.mjs";
import crypto from "crypto";
@@ -92,22 +92,28 @@ export default (router, tpl) => {
let activated = true;
let activationToken = null;
- if (!token && !getRegistrationOpen()) {
+ const registrationOpen = getRegistrationOpen();
+ const requireMailOrToken = getRegistrationRequireMailAndorToken();
+
+ if (!registrationOpen && !token) {
+ // Closed registration — invite token is always required
return renderError("Invite token is required for registration.");
}
if (token) {
+ // Invite token path — validate and activate immediately
const tokenRow = await db`
select * from invite_tokens where token = ${token} and is_used = false
`;
if (tokenRow.length === 0) return renderError("Invalid or used invite token");
- // Token used, so it will be activated by default
- } else {
- // No token, Open Registration
- if (!email || !email.includes('@')) return renderError("A valid email is required for no-token registration.");
+ // Token is valid; account activated immediately
+ } else if (requireMailOrToken) {
+ // Open registration but email/token required — email path
+ if (!email || !email.includes('@')) return renderError("A valid email is required for registration.");
activated = false;
activationToken = crypto.randomBytes(32).toString('hex');
}
+ // else: open registration, no mail/token required — just username+password, activated immediately
// Check user existence
const existing = await db`
diff --git a/src/inc/settings.mjs b/src/inc/settings.mjs
index 387007a..ad76a92 100644
--- a/src/inc/settings.mjs
+++ b/src/inc/settings.mjs
@@ -49,6 +49,11 @@ export const getRegistrationOpen = () => {
};
export const setRegistrationOpen = (val) => registration_open = !!val;
+// When false (default): open_registration=true means anyone can register with just username+password, activated immediately.
+// When true: even in open registration, a valid email OR invite token is required.
+export const getRegistrationRequireMailAndorToken = () => !!cfg.websrv.open_registration_require_mail_andor_token;
+export const setRegistrationRequireMailAndorToken = (val) => {}; // No-op, strictly config-based
+
export const getTrustedUploads = () => trusted_uploads;
export const setTrustedUploads = (val) => trusted_uploads = Math.max(0, parseInt(val) ?? 3);
diff --git a/src/index.mjs b/src/index.mjs
index a8d0097..15121f0 100644
--- a/src/index.mjs
+++ b/src/index.mjs
@@ -1075,6 +1075,7 @@ process.on('uncaughtException', err => {
get min_tags() { return getMinTags(); },
get registration_open() { return getRegistrationOpen(); },
registration_web_toggle_enabled: cfg.websrv.open_registration_web_toggle !== false,
+ registration_require_mail_andor_token: !!cfg.websrv.open_registration_require_mail_andor_token,
get trusted_uploads() { return getTrustedUploads(); },
get shitpost_mode() { return getShitpostMode(); },
shitpost_require_rating: !!cfg.websrv.shitpost_require_rating,
diff --git a/views/register.html b/views/register.html
index 96ad53f..c9b3dfb 100644
--- a/views/register.html
+++ b/views/register.html
@@ -23,10 +23,10 @@
- @if(registration_open)
-
- @else
+ @if(!registration_open)
+ @elseif(registration_require_mail_andor_token)
+
@endif
diff --git a/views/snippets/navbar.html b/views/snippets/navbar.html index 270f6fc..6f5d2eb 100644 --- a/views/snippets/navbar.html +++ b/views/snippets/navbar.html @@ -338,10 +338,10 @@ - @if(registration_open) - - @else + @if(!registration_open) + @elseif(registration_require_mail_andor_token) + @endif