demo user

2025-03-14 13:08:27 +03:00 · 2021-08-09 10:37:19 +05:30 · 2021-08-09 10:37:19 +05:30 · 3c72d27b36
commit 3c72d27b36
parent a5558e4b6f
11 changed files with 123 additions and 85 deletions
--- a/config/default.toml
+++ b/config/default.toml
@ -1,6 +1,8 @@
 debug = true
 source_code = "https://github.com/mCaptcha/mCaptcha"
 commercial = false
+allow_demo = false
+allow_registration = true

 [server]
 # Please set a unique value, your mCaptcha instance's security depends on this being 
@ -13,7 +15,6 @@ port = 7000
 ip= "0.0.0.0" 
 # enter your hostname, eg: example.com
 domain = "localhost"
-allow_registration = true
 # Set true if you have setup TLS with a reverse proxy like Nginx.
 # Does HTTPS redirect and sends additional headers that can only be used if
 # HTTPS available to improve security
--- a/docs/CONFIGURATION.md
+++ b/docs/CONFIGURATION.md
@ -19,11 +19,13 @@ you will be overriding the values set in the configuration files.

 ### General

-| Name                   | Value                                                                             |
-| ---------------------- | --------------------------------------------------------------------------------- |
-| `MCAPTCHA_CONFIG`      | Path to configuration file                                                        |
-| `MCAPTCHA_COMMERCIAL`  | Does this instance offer commercial plans? Please consider donating if it does :D |
-| `MCAPTCHA_SOURCE_CODE` | Link to the source code of this instance                                          |
+| Name                          | Value                                                                                                             |
+| ----------------------------- | ----------------------------------------------------------------------------------------------------------------- |
+| `MCAPTCHA_CONFIG`             | Path to configuration file                                                                                        |
+| `MCAPTCHA_COMMERCIAL`         | Does this instance offer commercial plans? Please consider donating if it does :D                                 |
+| `MCAPTCHA_SOURCE_CODE`        | Link to the source code of this instance                                                                          |
+| `MCAPTCHA_ALLOW_REGISTRATION` | Is registration allowed on this instance?                                                                         |
+| `MCAPTCHA_ALLOW_DEMO`         | Allow demo access to the server? If registration(previous option) is disabled then demo users will not be allowed |

 #### Database

@ -53,7 +55,6 @@ you will be overriding the values set in the configuration files.
 | `MCAPTCHA_SERVER_IP`                     | The IP address on which you want mCaptcha to listen to                             |
 | `MCAPTCHA_SERVER_DOMAIN`                 | Domain under which mCaptcha will be\*                                              |
 | `MCAPTCHA_SERVER_COOKIE_SECRET`          | Cookie secret, must be long and random                                             |
-| `MCAPTCHA_SERVER_ALLOW_REGISTRATION`     | `bool` that controls registration                                                  |
 | `MCAPTCHA_SERVER_PROXY_HAS_TLS`          | Is mCaptcha behind a proxy? If yes, mCaptcha can send additional headers like HSTS |

 \* Authentication doesn't work without `MCAPTCHA_DOMAIN` set to the correct domain
--- a/src/api/v1/account/mod.rs
+++ b/src/api/v1/account/mod.rs
@ -1,19 +1,19 @@
 /*
-* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
-*
-* This program is free software: you can redistribute it and/or modify
-* it under the terms of the GNU Affero General Public License as
-* published by the Free Software Foundation, either version 3 of the
-* License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-* GNU Affero General Public License for more details.
-*
-* You should have received a copy of the GNU Affero General Public License
-* along with this program.  If not, see <https://www.gnu.org/licenses/>.
-*/
+ * Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */

 use serde::{Deserialize, Serialize};

--- a/src/api/v1/account/username.rs
+++ b/src/api/v1/account/username.rs
@ -25,24 +25,36 @@ async fn username_exists(
    payload: web::Json<AccountCheckPayload>,
    data: AppData,
 ) -> ServiceResult<impl Responder> {
-    let res = sqlx::query!(
-        "SELECT EXISTS (SELECT 1 from mcaptcha_users WHERE name = $1)",
-        &payload.val,
-    )
-    .fetch_one(&data.db)
-    .await?;
-
-    let mut resp = AccountCheckResp { exists: false };
-
-    if let Some(x) = res.exists {
-        if x {
-            resp.exists = true;
-        }
-    }
-
+    let resp = runners::username_exists(&payload, &data).await?;
    Ok(HttpResponse::Ok().json(resp))
 }

+pub mod runners {
+    use super::*;
+
+    pub async fn username_exists(
+        payload: &AccountCheckPayload,
+        data: &AppData,
+    ) -> ServiceResult<AccountCheckResp> {
+        let res = sqlx::query!(
+            "SELECT EXISTS (SELECT 1 from mcaptcha_users WHERE name = $1)",
+            &payload.val,
+        )
+        .fetch_one(&data.db)
+        .await?;
+
+        let mut resp = AccountCheckResp { exists: false };
+
+        if let Some(x) = res.exists {
+            if x {
+                resp.exists = true;
+            }
+        }
+
+        Ok(resp)
+    }
+}
+
 pub fn services(cfg: &mut actix_web::web::ServiceConfig) {
    cfg.service(username_exists);
 }
--- a/src/api/v1/auth.rs
+++ b/src/api/v1/auth.rs
@ -1,30 +1,34 @@
 /*
-* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
-*
-* This program is free software: you can redistribute it and/or modify
-* it under the terms of the GNU Affero General Public License as
-* published by the Free Software Foundation, either version 3 of the
-* License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-* GNU Affero General Public License for more details.
-*
-* You should have received a copy of the GNU Affero General Public License
-* along with this program.  If not, see <https://www.gnu.org/licenses/>.
-*/
+ * Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */

 use actix_identity::Identity;
 use actix_web::http::header;
 use actix_web::{web, HttpResponse, Responder};
 use serde::{Deserialize, Serialize};
-//use futures::{future::TryFutureExt, join};

 use super::mcaptcha::get_random;
 use crate::errors::*;
 use crate::AppData;

+/// Demo username
+pub const DEMO_USER: &str = "aaronsw";
+/// Demo password
+pub const DEMO_PASSWORD: &str = "password";
+
 pub mod routes {
    pub struct Auth {
        pub logout: &'static str,
@ -133,7 +137,7 @@ pub mod runners {
        payload: &Register,
        data: &AppData,
    ) -> ServiceResult<()> {
-        if !crate::SETTINGS.server.allow_registration {
+        if !crate::SETTINGS.allow_registration {
            return Err(ServiceError::ClosedForRegistration);
        }

@ -195,6 +199,21 @@ pub mod runners {
        }
        Ok(())
    }
+
+    /// register demo user runner
+    pub async fn register_demo_user(data: &AppData) -> ServiceResult<()> {
+        let payload = runners::Register {
+            username: DEMO_USER.into(),
+            password: DEMO_PASSWORD.into(),
+            confirm_password: DEMO_PASSWORD.into(),
+            email: None,
+        };
+
+        match register_runner(&payload, data).await {
+            Err(ServiceError::UsernameTaken) | Ok(_) => Ok(()),
+            Err(e) => Err(e),
+        }
+    }
 }

 pub fn services(cfg: &mut web::ServiceConfig) {
--- a/src/api/v1/tests/auth.rs
+++ b/src/api/v1/tests/auth.rs
@ -1,24 +1,28 @@
 /*
-* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
-*
-* This program is free software: you can redistribute it and/or modify
-* it under the terms of the GNU Affero General Public License as
-* published by the Free Software Foundation, either version 3 of the
-* License, or (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-* GNU Affero General Public License for more details.
-*
-* You should have received a copy of the GNU Affero General Public License
-* along with this program.  If not, see <https://www.gnu.org/licenses/>.
-*/
+ * Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */

 use actix_web::http::{header, StatusCode};
 use actix_web::test;

-use crate::api::v1::auth::runners::{Login, Register};
+use crate::api::v1::account::{username::runners::username_exists, AccountCheckPayload};
+use crate::api::v1::auth::{
+    runners::{register_demo_user, Login, Register},
+    DEMO_PASSWORD, DEMO_USER,
+};
 use crate::api::v1::ROUTES;
 use crate::data::Data;
 use crate::errors::*;
@ -163,3 +167,17 @@ async fn serverside_password_validation_works() {
    let txt: ErrorToResponse = test::read_body_json(resp).await;
    assert_eq!(txt.error, format!("{}", ServiceError::PasswordsDontMatch));
 }
+
+#[actix_rt::test]
+async fn demo_account() {
+    let data = AppData::new(Data::new().await);
+    let _ = register_demo_user(&data).await.unwrap();
+
+    let payload = AccountCheckPayload {
+        val: DEMO_USER.into(),
+    };
+
+    assert!(username_exists(&payload, &data).await.unwrap().exists);
+
+    signin(DEMO_USER, DEMO_PASSWORD).await;
+}
--- a/src/data.rs
+++ b/src/data.rs
@ -10,7 +10,6 @@
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
- *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
@ -38,9 +37,7 @@ use libmcaptcha::{
    pow::PoWConfig,
    pow::Work,
    system::{System, SystemBuilder},
-    //    master::messages::AddSite,
 };
-
 use sqlx::postgres::PgPoolOptions;
 use sqlx::PgPool;

--- a/src/settings.rs
+++ b/src/settings.rs
@ -24,7 +24,6 @@ use url::Url;

 #[derive(Debug, Clone, Deserialize)]
 pub struct Server {
-    pub allow_registration: bool,
    pub port: u32,
    pub domain: String,
    pub cookie_secret: String,
@ -106,6 +105,8 @@ pub struct Settings {
    pub pow: Captcha,
    pub source_code: String,
    pub smtp: Option<Smtp>,
+    pub allow_registration: bool,
+    pub allow_demo: bool,
 }

 #[cfg(not(tarpaulin_include))]
--- a/utils/aarch64-unknown-linux-musl-dockerfile
+++ b/utils/aarch64-unknown-linux-musl-dockerfile
@ -1,6 +0,0 @@
-FROM rustembedded/cross:aarch64-unknown-linux-musl
-
-RUN dpkg --add-architecture arm64 && \
-	apt-get update && \
-	DEBIAN_FRONTEND=noninteractive \
-	apt-get install --assume-yes postgresql
--- a/utils/x86_64-pc-windows-gnu-dockerfile
+++ b/utils/x86_64-pc-windows-gnu-dockerfile
@ -1 +0,0 @@
-RUN dpkg --add-architecture arm64 &&     apt-get update &&     apt-get install --assume-yes postgresql:arm64 postgresql-devel
--- a/utils/x86_64-unknown-linux-musl-dockerfile
+++ b/utils/x86_64-unknown-linux-musl-dockerfile
@ -1,4 +0,0 @@
-FROM rustembedded/cross:x86_64-unknown-linux-musl
-RUN dpkg --add-architecture arm64 && \
-	apt-get update &&
-	apt-get install --assume-yes postgresql-13:x86_64
				`@ -1 +0,0 @@`
				`RUN dpkg --add-architecture arm64 && apt-get update && apt-get install --assume-yes postgresql:arm64 postgresql-devel`