Authentication token generation (#98):

* setting to disable the feature (aka "panic button")
2024-06-17 15:21:22 +02:00
parent a9b6474b8f
commit 257fdbd2c2
7 changed files with 111 additions and 30 deletions
--- a/server/lib/settings.ts
+++ b/server/lib/settings.ts
@ -9,6 +9,7 @@ import { RoomChannel } from './room-channel'
 import { BotsCtl } from './bots/ctl'
 import { ExternalAuthOIDC, ExternalAuthOIDCType } from './external-auth/oidc'
 import { Emojis } from './emojis'
+import { LivechatProsodyAuth } from './prosody/auth'
 import { loc } from './loc'
 const escapeHTML = require('escape-html')

@ -21,6 +22,7 @@ async function initSettings (options: RegisterServerOptions): Promise<void> {
  initImportantNotesSettings(options)
  initChatSettings(options)
  initFederationSettings(options)
+  initAuth(options)
  initExternalAuth(options)
  initAdvancedChannelCustomizationSettings(options)
  initChatBehaviourSettings(options)
@ -73,6 +75,8 @@ async function initSettings (options: RegisterServerOptions): Promise<void> {
    await Emojis.destroySingleton()
    await Emojis.initSingleton(options)

+    LivechatProsodyAuth.singleton().setUserTokensEnabled(!settings['livechat-token-disabled'])
+
    peertubeHelpers.logger.info('Saving settings, ensuring prosody is running')
    await ensureProsodyRunning(options)

@ -181,6 +185,35 @@ function initFederationSettings ({ registerSetting }: RegisterServerOptions): vo
  })
 }

+/**
+ * Initialize settings related to authentication.
+ * @param options peertube server options
+ */
+function initAuth (options: RegisterServerOptions): void {
+  const registerSetting = options.registerSetting
+
+  registerSetting({
+    type: 'html',
+    private: true,
+    descriptionHTML: loc('auth_description')
+  })
+
+  registerSetting({
+    type: 'html',
+    private: true,
+    descriptionHTML: loc('experimental_warning')
+  })
+
+  registerSetting({
+    name: 'livechat-token-disabled',
+    label: loc('livechat_token_disabled_label'),
+    descriptionHTML: loc('livechat_token_disabled_description'),
+    type: 'input-checkbox',
+    default: false,
+    private: false
+  })
+}
+
 /**
 * Registers settings related to the "External Authentication" section.
 * @param param0 server options