Add global registration disable feature

Implement configurable registration control to allow administrators to disable new user signups.

Backend changes:
- Add fitpub.registration.enabled configuration property (defaults to true)
- Update AuthController to check registration status and return 403 Forbidden when disabled
- Create GET /api/auth/registration-status endpoint to expose registration status to frontend
- Add RegistrationStatusResponse DTO

Configuration changes:
- Add REGISTRATION_ENABLED environment variable to application.yml
- Add REGISTRATION_ENABLED to Dockerfile with default value of true
- Update .env.example with REGISTRATION_ENABLED documentation

Frontend changes:
- Update registration page to check status and hide form when disabled
- Add checkRegistrationStatus() to auth.js to dynamically hide registration links
- Display user-friendly message when registration is disabled

To disable registration, set environment variable: REGISTRATION_ENABLED=false

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Tim Zöller 2025-12-03 11:27:19 +01:00
parent 0732774986
commit bc6741a749
6 changed files with 82 additions and 1 deletions


@ -7,6 +7,7 @@ import org.operaton.fitpub.model.dto.AuthResponse;
import org.operaton.fitpub.model.dto.LoginRequest;
import org.operaton.fitpub.model.dto.RegisterRequest;
import org.operaton.fitpub.service.UserService;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.BadCredentialsException;
@ -24,6 +25,9 @@ public class AuthController {
private final UserService userService;
@Value("${fitpub.registration.enabled:true}")
private boolean registrationEnabled;
/**
* Register a new user account.
*
@ -32,6 +36,13 @@ public class AuthController {
*/
@PostMapping("/register")
public ResponseEntity<AuthResponse> register(@Valid @RequestBody RegisterRequest request) {
// Check if registration is enabled
if (!registrationEnabled) {
log.warn("Registration attempt blocked - registration is disabled");
return ResponseEntity.status(HttpStatus.FORBIDDEN)
.body(null);
}
log.info("Registration request received for username: {}", request.getUsername());
try {
@ -43,6 +54,16 @@ public class AuthController {
}
}
/**
* Get registration status.
*
* @return Registration status response
*/
@GetMapping("/registration-status")
public ResponseEntity<RegistrationStatusResponse> getRegistrationStatus() {
return ResponseEntity.ok(new RegistrationStatusResponse(registrationEnabled));
}
/**
* Authenticate user and generate JWT token.
*
@ -84,4 +105,9 @@ public class AuthController {
* Error response DTO.
*/
record ErrorResponse(String error, String message) {}
/**
* Registration status response DTO.
*/
record RegistrationStatusResponse(boolean enabled) {}
}
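Review bot: The registration gate added to `register` is enforced only in this controller, so it holds only while `POST /register` is the sole route to account creation. `UserService` is not visible on this page, but if its registration method can be reached from any other caller the flag is bypassed; putting the check in the service would make it hold for every path. Because `@Valid @RequestBody` is resolved before the method body runs, a disabled instance will presumably still parse and validate the payload, answering 400 for malformed requests and 403 only for well-formed ones. The `log.warn` on the blocked path fires for every unauthenticated request and records nothing about the caller, so it is worth lowering to `log.debug` or pairing it with rate limiting to keep the log usable. `.body(null)` can be written as `ResponseEntity.status(HttpStatus.FORBIDDEN).build()`.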