From 39ab6e57d391fd9e6b6cd7b8e81b4140d8864a37 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 20 Aug 2021 22:52:02 +0200 Subject: allow registration to be denied for certain IPs, e.g. known spammers (yes, there are actually spambots flooding people with unsolicited registration e-mails) --- lib/Travelynx/Controller/Account.pm | 16 ++++++++++++++++ templates/_invalid_input.html.ep | 4 ++++ 2 files changed, 20 insertions(+) diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm index db02dd1..12a059a 100644 --- a/lib/Travelynx/Controller/Account.pm +++ b/lib/Travelynx/Controller/Account.pm @@ -85,6 +85,22 @@ sub register { return; } + if ( my $registration_denylist + = $self->app->config->{registration}->{denylist} ) + { + open( my $fh, "<", $registration_denylist ) + or die("cannot open($registration_denylist)"); + while ( my $line = <$fh> ) { + chomp $line; + if ( $ip eq $line ) { + close($fh); + $self->render( 'register', invalid => "denylist" ); + return; + } + } + close($fh); + } + if ( my $error = $self->users->is_name_invalid( name => $user ) ) { $self->render( 'register', invalid => $error ); return; diff --git a/templates/_invalid_input.html.ep b/templates/_invalid_input.html.ep index 4cebf29..6b0fb65 100644 --- a/templates/_invalid_input.html.ep +++ b/templates/_invalid_input.html.ep @@ -78,6 +78,10 @@

Aus Sicherheitsgründen kann der Account nur nach Passworteingabe gelöscht werden.

% } + % elsif ($invalid eq 'denylist') { + Registrierung deaktiviert +

Für diesen Zugang ist derzeit keine Registrierung möglich.

+ % } % else { Fehler

<%= $invalid %>

-- cgit v1.2.3