twenty icon indicating copy to clipboard operation
twenty copied to clipboard

Published 20 hours ago verified publisher icon twentyhq

Add option to disable Signups

Open wladpaiva opened this issue 1 year ago • 3 comments

Scope & Context

If you self host twenty right now, you would be essentially hosting a competition to the cloud service. Self-hosting usually means that they are going to be used internally therefore you wouldn't want to allow anyone to sign up at any time.

Current behavior

There's no way to disable sign ups

Expected behavior

Disable not authorized people to sign up.

Technical inputs

Add an IS_SIGNUP_DISABLED env var to control whether signups are allowed or not.

wladpaiva avatar Jan 02 '24 14:01 wladpaiva

Good idea! Declare env variable in EnvironmentService, and protection should be done on the backend side in AuthService. We should add a check in the signup method of that service. Probably in that case we also always want to return true in checkUserExists() - that way user is not redirected to signup form when trying to login with an email that is recognized. Let's try it, unless I'm missing something that goes against it...

FelixMalfait avatar Jan 02 '24 14:01 FelixMalfait

Would be interested in taking this 👋

No problem with this?

arthurdotwork avatar Jan 02 '24 22:01 arthurdotwork

Of course @arthureichelberger thanks a lot! Let us know if you're stuck

FelixMalfait avatar Jan 02 '24 22:01 FelixMalfait