Allow signing up forever without Brevo.

Also allow logins from local IPs (related to #5).

.env.sample

@@ -16,3 +16,5 @@ BREVO_API_KEY="fake"
 CONFIG_ALLOW_SIGNUPS="false"
 CONFIG_ENABLED_APPS="dashboard,news,files,notes,photos"
 CONFIG_FILES_ROOT_PATH="data-files"
+CONFIG_ENABLE_EMAILS="false" # if true, email verification will be required for signups (using Brevo)
+CONFIG_ENABLE_FOREVER_SIGNUP="true" # if true, all signups become active for 100 years

README.md

@@ -11,9 +11,6 @@ This is the [bewCloud app](https://bewcloud.com) built using [Fresh](https://fre
 
 Check the [Development section below](#development).
 
-> [!NOTE]
-> You don't need to have emails (Brevo) setup to have the app work. Those are only setup and used for email verification and future needs. You can simply make any `user.status = 'active'` and `user.subscription.expires_at = new Date('2100-01-01')` to "never" expire, in the database, directly.
-
 > [!IMPORTANT]
 > Even with signups disabled (`CONFIG_ALLOW_SIGNUPS="false"`), the first signup will work and become an admin.
 

lib/auth.ts

@@ -152,7 +152,9 @@ export async function logoutUser(request: Request) {
     name: COOKIE_NAME,
     value: '',
     expires: tomorrow,
-    domain: isRunningLocally(request) ? 'localhost' : baseUrl.replace('https://', ''),
+    domain: isRunningLocally(request)
+      ? 'localhost'
+      : baseUrl.replace('https://', '').replace('http://', '').split(':')[0],
     path: '/',
     secure: isRunningLocally(request) ? false : true,
     httpOnly: true,

lib/config.ts

@@ -14,6 +14,18 @@ export async function isSignupAllowed() {
   return false;
 }
 
+export function isEmailEnabled() {
+  const areEmailsAllowed = Deno.env.get('CONFIG_ENABLE_EMAILS') === 'true';
+
+  return areEmailsAllowed;
+}
+
+export function isForeverSignupEnabled() {
+  const areForeverAccountsEnabled = Deno.env.get('CONFIG_ENABLE_FOREVER_SIGNUP') === 'true';
+
+  return areForeverAccountsEnabled;
+}
+
 export function getFilesRootPath() {
   const configRootPath = Deno.env.get('CONFIG_FILES_ROOT_PATH');
 

lib/data/user.ts

@@ -1,6 +1,7 @@
 import Database, { sql } from '/lib/interfaces/database.ts';
 import { User, UserSession, VerificationCode } from '/lib/types.ts';
 import { generateRandomCode } from '/lib/utils/misc.ts';
+import { isEmailEnabled, isForeverSignupEnabled } from '/lib/config.ts';
 
 const db = new Database();
 
@@ -32,7 +33,7 @@ export async function getUserById(id: string) {
 }
 
 export async function createUser(email: User['email'], hashedPassword: User['hashed_password']) {
-  const trialDays = 30;
+  const trialDays = isForeverSignupEnabled() ? 36_525 : 30;
   const now = new Date();
   const trialEndDate = new Date(new Date().setUTCDate(new Date().getUTCDate() + trialDays));
 
@@ -42,7 +43,7 @@ export async function createUser(email: User['email'], hashedPassword: User['has
     updated_at: now.toISOString(),
   };
 
-  const extra: User['extra'] = { is_email_verified: false };
+  const extra: User['extra'] = { is_email_verified: isEmailEnabled() ? false : true };
 
   // First signup will be an admin "forever"
   if (!(await isThereAnAdmin())) {
@@ -62,7 +63,7 @@ export async function createUser(email: User['email'], hashedPassword: User['has
     [
       email,
       JSON.stringify(subscription),
-      extra.is_admin ? 'active' : 'trial',
+      extra.is_admin || isForeverSignupEnabled() ? 'active' : 'trial',
       hashedPassword,
       JSON.stringify(extra),
     ],

routes/login.tsx

@@ -6,6 +6,7 @@ import { FormField, generateFieldHtml, getFormDataField } from '/lib/form-utils.
 import { createVerificationCode, getUserByEmail, updateUser, validateVerificationCode } from '/lib/data/user.ts';
 import { sendVerifyEmailEmail } from '/lib/providers/brevo.ts';
 import { FreshContextState } from '/lib/types.ts';
+import { isEmailEnabled } from '/lib/config.ts';
 
 interface Data {
   error?: string;
@@ -62,6 +63,12 @@ export const handler: Handlers<Data, FreshContextState> = {
         throw new Error('Email not found or invalid password.');
       }
 
+      if (!isEmailEnabled() && !user.extra.is_email_verified) {
+        user.extra.is_email_verified = true;
+
+        await updateUser(user);
+      }
+
       if (!user.extra.is_email_verified) {
         const code = getFormDataField(formData, 'verification-code');
 

routes/settings.tsx

@@ -12,6 +12,7 @@ import {
 import { convertFormDataToObject, generateHash, validateEmail } from '/lib/utils/misc.ts';
 import { getFormDataField } from '/lib/form-utils.tsx';
 import { sendVerifyEmailEmail } from '/lib/providers/brevo.ts';
+import { isEmailEnabled } from '/lib/config.ts';
 import Settings, { Action, actionWords } from '/islands/Settings.tsx';
 
 interface Data {
@@ -73,7 +74,7 @@ export const handler: Handlers<Data, FreshContextState> = {
           throw new Error('Email is already in use.');
         }
 
-        if (action === 'change-email') {
+        if (action === 'change-email' && isEmailEnabled()) {
           const verificationCode = await createVerificationCode(user, email, 'email');
 
           await sendVerifyEmailEmail(email, verificationCode);
@@ -81,9 +82,11 @@ export const handler: Handlers<Data, FreshContextState> = {
           successTitle = 'Verify your email!';
           successMessage = 'You have received a code in your new email. Use it to verify it here.';
         } else {
-          const code = getFormDataField(formData, 'verification-code');
+          if (isEmailEnabled()) {
+            const code = getFormDataField(formData, 'verification-code');
 
-          await validateVerificationCode(user, email, code, 'email');
+            await validateVerificationCode(user, email, code, 'email');
+          }
 
           user.email = email;
 

routes/signup.tsx

@@ -3,9 +3,9 @@ import { Handlers, PageProps } from 'fresh/server.ts';
 import { generateHash, helpEmail, validateEmail } from '/lib/utils/misc.ts';
 import { PASSWORD_SALT } from '/lib/auth.ts';
 import { FormField, generateFieldHtml, getFormDataField } from '/lib/form-utils.tsx';
-import { createUser, createVerificationCode, getUserByEmail } from '/lib/data/user.ts';
+import { createUser, createVerificationCode, getUserByEmail, updateUser } from '/lib/data/user.ts';
 import { sendVerifyEmailEmail } from '/lib/providers/brevo.ts';
-import { isSignupAllowed } from '/lib/config.ts';
+import { isEmailEnabled, isSignupAllowed } from '/lib/config.ts';
 import { FreshContextState } from '/lib/types.ts';
 
 interface Data {
@@ -64,9 +64,11 @@ export const handler: Handlers<Data, FreshContextState> = {
 
       const user = await createUser(email, hashedPassword);
 
-      const verificationCode = await createVerificationCode(user, user.email, 'email');
+      if (isEmailEnabled()) {
+        const verificationCode = await createVerificationCode(user, user.email, 'email');
 
-      await sendVerifyEmailEmail(user.email, verificationCode);
+        await sendVerifyEmailEmail(user.email, verificationCode);
+      }
 
       return new Response('Signup successful', {
         status: 303,