postiz-app icon indicating copy to clipboard operation
postiz-app copied to clipboard
Published 2 days ago verified publisher icon gitroomhq

Option to disable and/or restrict signups

Open DerLeole opened this issue 1 year ago • 6 comments

🔖 Feature description

Add an option to the configuration to disable signup of new accounts and/or an option that restricts signup to certain email domains. This is a pretty standard feature for most self-hostable SAAS.

Additionally some kind of invite system could be created that allows Admins to invite users via email to sign up, even when general signup is disabled (ideally with an additional config option).

🎤 Why is this feature needed ?

For maxium usability some may want to expose their postiz deployment to the internet. This however allows anyone to just create and account and use my deployment and my connected integrations, which they might not want. So an option to disable new signups or restrict them to a certain email domain (or similar) would do wonders.

✌️ How do you aim to achieve this?

Add a couple new config options:

  • DISABLE_SELF_SIGNUP (boolean)
  • RESTRICT_SELF_SIGNUP_EMAILS (comma seperated string of emails or domains) (overwritten by DISABLE_SELF_SIGNUP)
  • DISABLE_INVITES (boolean) (overwrites both other options)

🔄️ Additional Information

No response

👀 Have you spent some time to check if this feature request has been raised before?

  • [X] I checked and didn't find similar issue

Are you willing to submit PR?

None

DerLeole avatar Oct 24 '24 08:10 DerLeole

Hello @DerLeole , I find it as an interesting issue to work on. I would like to work on this issue. Please assign this issue to me. /assign

Dkghuser avatar Oct 24 '24 13:10 Dkghuser

Indeed, that's an essential feature for those trying to self-host, like myself. I have a rather small and slow VPS, no way I can afford to support random users registering and using the services that I host there.

D1reW0lf avatar Nov 24 '24 20:11 D1reW0lf

Please do this, I also cant afford to have random internet folk using my server

andygrillo avatar Nov 27 '24 16:11 andygrillo

Another please for this to happen. I was shocked that this wasn't already implemented.

Karjack182 avatar Dec 01 '24 12:12 Karjack182

Also supporting this

dalekcoffee avatar Dec 02 '24 14:12 dalekcoffee

Got things installed and uninstalled when i realized theres no way to restrict access to myself and family without putting another login in front via traefik or something

cchance27 avatar Dec 30 '24 18:12 cchance27

was thinking wouldn't it be easiest to just expose the OIDC login, that way self-hosted users could just point to their own OIDC backend (pocketid, authentik, etc) and login/auto could be handled externally.

cchance27 avatar Jan 21 '25 22:01 cchance27

Hey, this is resolved half, because now you have the option to disable signup.

egelhaus avatar Feb 03 '25 19:02 egelhaus

where are we this? are those config options added? if no, what are your current workarounds?

rockstarsunlimited avatar Feb 25 '25 06:02 rockstarsunlimited

where are we this? are those config options added? if no, what are your current workarounds? @rockstarsunlimited You can check the latest releases or the docs. All though the email domain sign up will not be implemented.

egelhaus avatar Feb 25 '25 06:02 egelhaus

Thanks @egelhaus for adding this.

For those having problems finding the configuration (I did), it was mentioned in https://github.com/gitroomhq/postiz-app/releases/tag/v1.29.1 as:

DISABLE_REGISTRATION=true

Couldn't actually find any mention of it in the docs though.

ryanwinter avatar Apr 02 '25 17:04 ryanwinter

Created a PR for the docs: https://github.com/gitroomhq/postiz-docs/pull/85

ryanwinter avatar Apr 02 '25 17:04 ryanwinter