Browse Source

cleanup and readme

main
forest 4 months ago
parent
commit
0c847cc90a
  1. 2
      .dockerignore
  2. 20
      README.md
  3. 11
      dockerbuild/Dockerfile-amd64
  4. 11
      dockerbuild/Dockerfile-arm
  5. 11
      dockerbuild/Dockerfile-arm64
  6. 7
      index.js

2
.dockerignore

@ -1,2 +1,2 @@
node_modules
npm-debug.log
npm-debug.log

20
README.md

@ -1,10 +1,28 @@
# Gitea Registration Proxy
To hopefully combat spam, proxy signup requests from a manipulated form template.
To combat spam, you can integrate this application with your gitea deployment.
This application only supports the `/user/sign_up` endpoint.
Therefore you must configure some sort of front-end reverse proxy server like nginx in order to use it, it can't be used as a front-end for gitea on its own.
> `/user/sign_up`
endpoint.
It's entirely based on the assumption that spambots just send the form submission with the email field, instead we require that field to be "please leave this empty" or "", and store the signup email in secret_field. The proxy then re-crafts the Gitea expected field names and passes on the request.
## Installation
- Come up with your own invite token
- It must be a string only containing alphanumeric characters and underscores
- Configure it by setting the `REGPROXY_INVITECODE` environment variable
- Configure this software by setting the `REGPROXY_GITEA`environment variable
- `REGPROXY_GITEA` should be your gitea server's http host and port (not https or a url)
- Run this software
- Tell Nginx to proxy the /user/sign_up path on the gitea domain to hit this software instead of gitea
```nginx

11
dockerbuild/Dockerfile-amd64

@ -1,11 +0,0 @@
FROM node:14
WORKDIR /app
COPY package.json ./
RUN npm install
COPY . .
CMD [ "node", "index.js" ]

11
dockerbuild/Dockerfile-arm

@ -1,11 +0,0 @@
FROM node:14
WORKDIR /app
COPY package.json ./
RUN npm install
COPY . .
CMD [ "node", "index.js" ]

11
dockerbuild/Dockerfile-arm64

@ -1,11 +0,0 @@
FROM node:14
WORKDIR /app
COPY package.json ./
RUN npm install
COPY . .
CMD [ "node", "index.js" ]

7
index.js

@ -14,7 +14,7 @@ const JSDOM = require("jsdom").JSDOM;
const setting = {
gitea: "127.0.0.1:3000",
port: "8080",
host: "127.0.0.1",
host: "0.0.0.0",
inviteCode: "change_meeee",
};
@ -31,6 +31,11 @@ const xssSanitize = (input) => {
return inputString.replace(/[^a-zA-Z0-9_]+/g, "_").replace(/(^_)|(_$)/g, "");
};
if(setting.inviteCode == "change_meeee") {
console.error(`inviteCode '${setting.inviteCode}' must not be left as its default value`);
process.exit(1);
}
if(xssSanitize(setting.inviteCode) != setting.inviteCode) {
console.error(`inviteCode '${setting.inviteCode}' must only contain alphanumeric characters and underscores`);
process.exit(1);

Loading…
Cancel
Save