feat: Disable Registration with social login (#813)

* Google, Github and Discord * update .env.example with ALLOW_SOCIAL_REGISTRATION * fix some conflict * refactor strategy * Update user_auth_system.md * Update user_auth_system.md
2025-12-17 08:50:15 +01:00 · 2023-08-18 16:11:00 +02:00 · 2023-08-18 16:11:00 +02:00 · c40b95f424
commit c40b95f424
parent 46ed5aaccd
8 changed files with 252 additions and 224 deletions
--- a/api/strategies/googleStrategy.js
+++ b/api/strategies/googleStrategy.js
@ -1,11 +1,42 @@
 const { Strategy: GoogleStrategy } = require('passport-google-oauth20');
+const User = require('../models/User');
 const config = require('../../config/loader');
 const domains = config.domains;

-const User = require('../models/User');
+const googleLogin = async (accessToken, refreshToken, profile, cb) => {
+  try {
+    const email = profile.emails[0].value;
+    const googleId = profile.id;
+    const oldUser = await User.findOne({ email });
+    const ALLOW_SOCIAL_REGISTRATION =
+      process.env.ALLOW_SOCIAL_REGISTRATION?.toLowerCase() === 'true';

-// google strategy
-const googleLogin = async () =>
+    if (oldUser) {
+      oldUser.avatar = profile.photos[0].value;
+      await oldUser.save();
+      return cb(null, oldUser);
+    } else if (ALLOW_SOCIAL_REGISTRATION) {
+      const newUser = await new User({
+        provider: 'google',
+        googleId,
+        username: profile.name.givenName,
+        email,
+        emailVerified: profile.emails[0].verified,
+        name: `${profile.name.givenName} ${profile.name.familyName}`,
+        avatar: profile.photos[0].value,
+      }).save();
+
+      return cb(null, newUser);
+    }
+
+    return cb(null, false, { message: 'User not found.' });
+  } catch (err) {
+    console.error(err);
+    return cb(err);
+  }
+};
+
+module.exports = () =>
  new GoogleStrategy(
    {
      clientID: process.env.GOOGLE_CLIENT_ID,
@ -13,33 +44,5 @@ const googleLogin = async () =>
      callbackURL: `${domains.server}${process.env.GOOGLE_CALLBACK_URL}`,
      proxy: true,
    },
-    async (accessToken, refreshToken, profile, cb) => {
-      try {
-        const oldUser = await User.findOne({ email: profile.emails[0].value });
-        if (oldUser) {
-          oldUser.avatar = profile.photos[0].value;
-          await oldUser.save();
-          return cb(null, oldUser);
-        }
-      } catch (err) {
-        console.log(err);
-      }
-
-      try {
-        const newUser = await new User({
-          provider: 'google',
-          googleId: profile.id,
-          username: profile.name.givenName,
-          email: profile.emails[0].value,
-          emailVerified: profile.emails[0].verified,
-          name: `${profile.name.givenName} ${profile.name.familyName}`,
-          avatar: profile.photos[0].value,
-        }).save();
-        cb(null, newUser);
-      } catch (err) {
-        console.log(err);
-      }
-    },
+    googleLogin,
  );
-
-module.exports = googleLogin;