adding posibility to disable user registration
Deploy / deploy (push) Successful in 1m43s

2026-05-10 10:25:18 +02:00
parent 95a6973313
commit 1b95574b76
4 changed files with 68 additions and 2 deletions
+35 -1
@@ -23,7 +23,7 @@ $path = str_replace('/api/', '', $path);
$segments = explode('/', trim($path, '/'));
$resource = $segments[0] ?? '';
if ($resource !== 'session' && $resource !== 'login' && $resource !== 'logout') {
if ($resource !== 'session' && $resource !== 'login' && $resource !== 'logout' && $resource !== 'registration') {
$loggedin = isset($_SESSION['neptune_loggedin']) && $_SESSION['neptune_loggedin'] === true;
if (!$loggedin) {
http_response_code(401);
@@ -70,6 +70,9 @@ try {
case 'shapes':
handleShapes($method, $id, $db);
break;
case 'registration':
handleRegistration($method, $db);
break;
default:
http_response_code(404);
echo json_encode(['error' => 'Not found']);
@@ -79,6 +82,28 @@ try {
echo json_encode(['error' => $e->getMessage()]);
}
function handleRegistration($method, $db) {
if ($method === 'GET') {
$stmt = $db->prepare("SELECT setting_value FROM neptune_settings WHERE setting_key = 'registration_enabled'");
$stmt->execute();
$row = $stmt->fetch();
$enabled = $row ? $row['setting_value'] !== '0' : true;
echo json_encode(['registration_enabled' => $enabled]);
} elseif ($method === 'POST') {
$role = $_SESSION['neptune_role'] ?? 'user';
if ($role !== 'admin') {
http_response_code(403);
echo json_encode(['error' => 'Admins only']);
return;
}
$data = json_decode(file_get_contents('php://input'), true);
$enabled = isset($data['registration_enabled']) ? ($data['registration_enabled'] ? '1' : '0') : '1';
$stmt = $db->prepare("INSERT INTO neptune_settings (setting_key, setting_value) VALUES ('registration_enabled', ?) ON DUPLICATE KEY UPDATE setting_value = ?");
$stmt->execute([$enabled, $enabled]);
echo json_encode(['status' => 'success', 'registration_enabled' => $enabled === '1']);
}
}
function handleSession($method, $db) {
$loggedin = isset($_SESSION['neptune_loggedin']) && $_SESSION['neptune_loggedin'] === true;
if (!$loggedin && $method === 'GET') {
@@ -152,6 +177,15 @@ function handleLogin($method, $db) {
$_SESSION['neptune_username'] = $user['username'];
$_SESSION['neptune_role'] = $user['role'];
} else {
$stmt = $db->prepare("SELECT setting_value FROM neptune_settings WHERE setting_key = 'registration_enabled'");
$stmt->execute();
$regSetting = $stmt->fetch();
$registrationEnabled = $regSetting ? $regSetting['setting_value'] !== '0' : true;
if (!$registrationEnabled) {
http_response_code(403);
echo json_encode(['error' => 'Registration is disabled by admin']);
return;
}
$count = $db->query("SELECT COUNT(*) as c FROM neptune_users")->fetch()['c'];
$role = ($count == 0) ? 'admin' : 'user';
$stmt = $db->prepare("INSERT INTO neptune_users (user_token, username, email, role) VALUES (?, ?, ?, ?)");
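Review bot: The POST branch of `handleRegistration` fails open: when the body is not valid JSON or lacks `registration_enabled`, the `: '1'` fallback stores `'1'`, so a malformed admin request silently re-enables sign-up. It should answer 400 instead of writing a default; the sketch below requires a boolean, which is stricter than the current truthiness test, so confirm what the client sends. Since the first hunk exempts the whole `registration` resource from the login gate, the sketch also checks `neptune_loggedin` next to the role and returns 405 for other methods, which currently produce an empty 200. The settings query is duplicated in the `handleLogin` hunk, where a shared helper would keep the two defaults in step.

```php
function handleRegistration($method, $db) {
    if ($method === 'GET') {
        // … unchanged: read registration_enabled and echo it …
    } elseif ($method === 'POST') {
        $loggedin = isset($_SESSION['neptune_loggedin']) && $_SESSION['neptune_loggedin'] === true;
        if (!$loggedin || ($_SESSION['neptune_role'] ?? 'user') !== 'admin') {
            http_response_code(403);
            echo json_encode(['error' => 'Admins only']);
            return;
        }
        $data = json_decode(file_get_contents('php://input'), true);
        if (!is_array($data) || !is_bool($data['registration_enabled'] ?? null)) {
            http_response_code(400);
            echo json_encode(['error' => 'registration_enabled must be a boolean']);
            return;
        }
        $enabled = $data['registration_enabled'] ? '1' : '0';
        // … unchanged: upsert into neptune_settings and echo the result …
    } else {
        http_response_code(405);
        echo json_encode(['error' => 'Method not allowed']);
    }
}
```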