feat(recaptcha): Disable treating captcha-enabled servers as abuse-prone

This commit is contained in:
nexy7574 2025-07-08 19:07:27 +01:00
parent df1cb10a8e
commit e4a6abe15e
No known key found for this signature in database
GPG key ID: 0FA334385D0B689F

View file

@ -184,15 +184,17 @@ pub fn check(config: &Config) -> Result {
&& !config.yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse
&& config.registration_token.is_none()
&& config.registration_token_file.is_none()
&& !(config.recaptcha_site_key.is_some() && config.recaptcha_private_site_key.is_some())
{
return Err!(Config(
"registration_token",
"!! You have `allow_registration` enabled without a token configured in your config \
which means you are allowing ANYONE to register on your conduwuit instance without \
any 2nd-step (e.g. registration token). If this is not the intended behaviour, \
please set a registration token. For security and safety reasons, conduwuit will \
shut down. If you are extra sure this is the desired behaviour you want, please \
set the following config option to true:
"!! You have `allow_registration` enabled without a token or captcha configured \
which means you are allowing ANYONE to register on your continuwuity instance \
without any 2nd-step (e.g. registration token, captcha), which is FREQUENTLY \
abused by malicious actors. If this is not the intended behaviour, please set a \
registration token. For security and safety reasons, continuwuity will shut down. \
If you are extra sure this is the desired behaviour you want, please set the \
following config option to true:
`yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`"
));
}