Go to file
forest 7a037c3064 small validation fix 2022-03-09 18:04:12 -06:00
.dockerignore cleanup and readme 2022-03-09 17:55:13 -06:00
.eslintrc.js initial commit 2021-08-13 12:15:41 +02:00
.gitignore initial commit 2021-08-13 12:15:41 +02:00
Dockerfile first commit of PoW captcha rewrite 2021-08-13 14:29:33 -05:00
README.md add images to readme 2022-03-09 18:01:47 -06:00
index.js small validation fix 2022-03-09 18:04:12 -06:00
package-lock.json first commit of PoW captcha rewrite 2021-08-13 14:29:33 -05:00
package.json first commit of PoW captcha rewrite 2021-08-13 14:29:33 -05:00
screenshot.png add images to readme 2022-03-09 18:01:47 -06:00
spam1.png add images to readme 2022-03-09 18:01:47 -06:00
yarn.lock Haiku based validation 2021-08-13 18:16:06 +02:00

README.md

Gitea Registration Proxy

Gitea servers have been targeted by a click farm employing human users to create accounts on any server with open registration. These accounts post SEO spam links on thier profiles and sometimes even create repositories.

a screenshot of two spam accounts, "HarryStylesMerch" and "MacMillerMerchStore"

To combat spam, you can integrate this application with your gitea deployment.

On registration, users are challenged to enter an invite token before they will be allowed to create an account.

a screenshot of the gitea new account registration form, including an "Invite Code" field at the end

Installation

This application only supports the /user/sign_up endpoint.

Therefore you must configure some sort of front-end reverse proxy server like nginx in order to use it, it can't be used as a front-end for gitea on its own.

  • Come up with your own invite token
    • It must be a string only containing alphanumeric characters and underscores
    • Configure it by setting the REGPROXY_INVITECODE environment variable
  • Configure this software by setting the REGPROXY_GITEAenvironment variable
    • REGPROXY_GITEA should be your gitea server's http host and port (not https or a url)
  • Run this software
  • Tell Nginx to proxy the /user/sign_up path on the gitea domain to hit this software instead of gitea
location /user/sign_up  {
	proxy_pass http://localhost:8080; # gitea registration proxy port	
}
  • ???
  • Profit!?!? (without spam)