Merge pull request #322 from bknd-io/fix/auth-strategy-respect-register-setting

fix(auth): `allow_register` was not respected in strategy controllers

app/src/auth/api/AuthController.ts

@@ -199,7 +199,12 @@ export class AuthController extends Controller {
       for (const [name, strategy] of Object.entries(strategies)) {
          if (!this.auth.isStrategyEnabled(strategy)) continue;
 
-         hono.route(`/${name}`, strategy.getController(this.auth.authenticator));
+         hono.route(
+            `/${name}`,
+            strategy.getController(this.auth.authenticator, {
+               allow_register: this.auth.config.allow_register,
+            }),
+         );
          this.registerStrategyActions(strategy, hono);
       }
 
@@ -305,7 +310,9 @@ export class AuthController extends Controller {
             await c.context.ctx().helper.granted(c, AuthPermissions.testPassword);
 
             const pw = this.auth.authenticator.strategy("password") as PasswordStrategy;
-            const controller = pw.getController(this.auth.authenticator);
+            const controller = pw.getController(this.auth.authenticator, {
+               allow_register: this.auth.config.allow_register,
+            });
 
             const res = await controller.request(
                new Request("https://localhost/login", {

app/src/auth/authenticate/strategies/PasswordStrategy.ts

@@ -87,7 +87,7 @@ export class PasswordStrategy extends AuthStrategy<typeof schema> {
       };
    }
 
-   getController(authenticator: Authenticator): Hono<any> {
+   getController(authenticator: Authenticator, opts: { allow_register?: boolean }): Hono<any> {
       const hono = new Hono();
       const redirectQuerySchema = s.object({
          redirect: s.string().optional(),
@@ -120,6 +120,7 @@ export class PasswordStrategy extends AuthStrategy<typeof schema> {
          },
       );
 
+      if (opts.allow_register) {
          hono.post(
             "/register",
             describeRoute({
@@ -155,6 +156,7 @@ export class PasswordStrategy extends AuthStrategy<typeof schema> {
                }
             },
          );
+      }
 
       return hono;
    }

app/src/auth/authenticate/strategies/Strategy.ts

@@ -36,7 +36,7 @@ export abstract class AuthStrategy<Schema extends s.Schema = s.Schema> {
 
    protected abstract getSchema(): Schema;
 
-   abstract getController(auth: Authenticator): Hono;
+   abstract getController(auth: Authenticator, opts: { allow_register?: boolean }): Hono;
 
    getType(): string {
       return this.type;

app/src/auth/authenticate/strategies/oauth/OAuthStrategy.ts

@@ -284,7 +284,7 @@ export class OAuthStrategy extends AuthStrategy<typeof schemaProvided> {
       }
    }
 
-   getController(auth: Authenticator): Hono<any> {
+   getController(auth: Authenticator, opts: { allow_register?: boolean }): Hono<any> {
       const hono = new Hono();
       const secret = "secret";
       const cookie_name = "_challenge";
@@ -379,6 +379,10 @@ export class OAuthStrategy extends AuthStrategy<typeof schemaProvided> {
             return c.notFound();
          }
 
+         if (action === "register" && !opts.allow_register) {
+            return c.notFound();
+         }
+
          const url = new URL(c.req.url);
          const path = url.pathname.replace(`/${action}`, "");
          const redirect_uri = url.origin + path + "/callback";