diff --git a/build/docker/config/dendrite.yaml b/build/docker/config/dendrite.yaml index d1410a7b4..94dcf4558 100644 --- a/build/docker/config/dendrite.yaml +++ b/build/docker/config/dendrite.yaml @@ -142,11 +142,6 @@ client_api: # using the registration shared secret below. registration_disabled: true - # Enable registration without captcha verification or shared secret. Note: this option is *not* recommended, - # as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect - # unless `registration_disabled` is set to false. - enable_registration_without_verification: false - # If set, allows registration by anyone who knows the shared secret, regardless of # whether registration is otherwise disabled. registration_shared_secret: "" diff --git a/dendrite-config.yaml b/dendrite-config.yaml index e92315462..1c11ef96d 100644 --- a/dendrite-config.yaml +++ b/dendrite-config.yaml @@ -161,11 +161,6 @@ client_api: # using the registration shared secret below. registration_disabled: true - # Enable registration without captcha verification or shared secret. Note: this option is *not* recommended, - # as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect - # unless `registration_disabled` is set to false. - enable_registration_without_verification: false - # Prevents new guest accounts from being created. Guest registration is also # disabled implicitly by setting 'registration_disabled' above. guests_disabled: true diff --git a/setup/config/config_clientapi.go b/setup/config/config_clientapi.go index f96aa5a10..5c2170e60 100644 --- a/setup/config/config_clientapi.go +++ b/setup/config/config_clientapi.go @@ -19,7 +19,7 @@ type ClientAPI struct { // Enable registration without captcha verification or shared secret. Note: this option is *not* recommended, // as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect // unless `registration_disabled` is set to false. - RegistrationWithoutVerificationEnabled bool `yaml:"enable_registration_without_verification"` + RegistrationWithoutVerificationEnabled bool `yaml:"-"` // If set, allows registration by anyone who also has the shared // secret, even if registration is otherwise disabled. @@ -63,6 +63,9 @@ func (c *ClientAPI) Defaults(generate bool) { c.RecaptchaSiteVerifyAPI = "" c.RegistrationDisabled = false c.RegistrationWithoutVerificationEnabled = false + if generate { + c.RegistrationWithoutVerificationEnabled = true + } c.RateLimiting.Defaults() } diff --git a/setup/flags.go b/setup/flags.go index 281cf3392..ecacfbed5 100644 --- a/setup/flags.go +++ b/setup/flags.go @@ -25,8 +25,9 @@ import ( ) var ( - configPath = flag.String("config", "dendrite.yaml", "The path to the config file. For more information, see the config file in this repository.") - version = flag.Bool("version", false, "Shows the current version and exits immediately.") + configPath = flag.String("config", "dendrite.yaml", "The path to the config file. For more information, see the config file in this repository.") + version = flag.Bool("version", false, "Shows the current version and exits immediately.") + enableRegistrationWithoutVerification = flag.Bool("really-enable-open-registration", false, "This allows open registration without verification (captcha, shared secret etc). (NOT RECOMMENDED)") ) // ParseFlags parses the commandline flags and uses them to create a config. @@ -48,5 +49,9 @@ func ParseFlags(monolith bool) *config.Dendrite { logrus.Fatalf("Invalid config file: %s", err) } + if *enableRegistrationWithoutVerification { + cfg.ClientAPI.RegistrationWithoutVerificationEnabled = true + } + return cfg }