🔥 Remove USERS_OPEN_REGISTRATION config, make registration enabled by default (#1274)

2024-07-31 17:08:26 -05:00
parent 7bba5a85f0
commit 1f686689f1
7 changed files with 31 additions and 71 deletions
--- a/backend/README.md
+++ b/backend/README.md
@@ -63,16 +63,6 @@ Make sure your editor is using the correct Python virtual environment.

 Modify or add SQLModel models for data and SQL tables in `./backend/app/models.py`, API endpoints in `./backend/app/api/`, CRUD (Create, Read, Update, Delete) utils in `./backend/app/crud.py`.

-### Enabling Open User Registration
-
-By default the backend has user registration disabled, but there's already a route to register users. If you want to allow users to register themselves, you can set the environment variable `USERS_OPEN_REGISTRATION` to `True` in the `.env` file.
-
-After modifying the environment variables, restart the Docker containers to apply the changes. You can do this by running:
-
-```console
-$ docker compose up -d
-```
-
 ### VS Code

 There are already configurations in place to run the backend through the VS Code debugger, so that you can use breakpoints, pause and explore variables, etc.
--- a/backend/app/api/routes/users.py
+++ b/backend/app/api/routes/users.py
@@ -146,11 +146,6 @@ def register_user(session: SessionDep, user_in: UserRegister) -> Any:
    """
    Create new user without the need to be logged in.
    """
-    if not settings.USERS_OPEN_REGISTRATION:
-        raise HTTPException(
-            status_code=403,
-            detail="Open user registration is forbidden on this server",
-        )
    user = crud.get_user_by_email(session=session, email=user_in.email)
    if user:
        raise HTTPException(
--- a/backend/app/core/config.py
+++ b/backend/app/core/config.py
@@ -94,7 +94,6 @@ class Settings(BaseSettings):
    # TODO: update type to EmailStr when sqlmodel supports it
    FIRST_SUPERUSER: str
    FIRST_SUPERUSER_PASSWORD: str
-    USERS_OPEN_REGISTRATION: bool = False

    def _check_default_secret(self, var_name: str, value: str | None) -> None:
        if value == "changethis":
--- a/backend/app/tests/api/routes/test_users.py
+++ b/backend/app/tests/api/routes/test_users.py
@@ -283,62 +283,41 @@ def test_update_password_me_same_password_error(


 def test_register_user(client: TestClient, db: Session) -> None:
-    with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", True):
-        username = random_email()
-        password = random_lower_string()
-        full_name = random_lower_string()
-        data = {"email": username, "password": password, "full_name": full_name}
-        r = client.post(
-            f"{settings.API_V1_STR}/users/signup",
-            json=data,
-        )
-        assert r.status_code == 200
-        created_user = r.json()
-        assert created_user["email"] == username
-        assert created_user["full_name"] == full_name
+    username = random_email()
+    password = random_lower_string()
+    full_name = random_lower_string()
+    data = {"email": username, "password": password, "full_name": full_name}
+    r = client.post(
+        f"{settings.API_V1_STR}/users/signup",
+        json=data,
+    )
+    assert r.status_code == 200
+    created_user = r.json()
+    assert created_user["email"] == username
+    assert created_user["full_name"] == full_name

-        user_query = select(User).where(User.email == username)
-        user_db = db.exec(user_query).first()
-        assert user_db
-        assert user_db.email == username
-        assert user_db.full_name == full_name
-        assert verify_password(password, user_db.hashed_password)
-
-
-def test_register_user_forbidden_error(client: TestClient) -> None:
-    with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", False):
-        username = random_email()
-        password = random_lower_string()
-        full_name = random_lower_string()
-        data = {"email": username, "password": password, "full_name": full_name}
-        r = client.post(
-            f"{settings.API_V1_STR}/users/signup",
-            json=data,
-        )
-        assert r.status_code == 403
-        assert (
-            r.json()["detail"] == "Open user registration is forbidden on this server"
-        )
+    user_query = select(User).where(User.email == username)
+    user_db = db.exec(user_query).first()
+    assert user_db
+    assert user_db.email == username
+    assert user_db.full_name == full_name
+    assert verify_password(password, user_db.hashed_password)


 def test_register_user_already_exists_error(client: TestClient) -> None:
-    with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", True):
-        password = random_lower_string()
-        full_name = random_lower_string()
-        data = {
-            "email": settings.FIRST_SUPERUSER,
-            "password": password,
-            "full_name": full_name,
-        }
-        r = client.post(
-            f"{settings.API_V1_STR}/users/signup",
-            json=data,
-        )
-        assert r.status_code == 400
-        assert (
-            r.json()["detail"]
-            == "The user with this email already exists in the system"
-        )
+    password = random_lower_string()
+    full_name = random_lower_string()
+    data = {
+        "email": settings.FIRST_SUPERUSER,
+        "password": password,
+        "full_name": full_name,
+    }
+    r = client.post(
+        f"{settings.API_V1_STR}/users/signup",
+        json=data,
+    )
+    assert r.status_code == 400
+    assert r.json()["detail"] == "The user with this email already exists in the system"


 def test_update_user(