configurable list of networks to allow with lockNetwork

revspace · Oct 8, 2024 · 3c8daf7 · 3c8daf7
1 parent 31cc4e7
commit 3c8daf7
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 24 deletions.
diff --git a/defaults/config.js b/defaults/config.js
@@ -263,11 +263,8 @@ module.exports = {
 	// }
 	// ```
 	defaults: {
-		name: "Libera.Chat",
-		host: "irc.libera.chat",
-		port: 6697,
+		network: "Libera.Chat",
 		password: "",
-		tls: true,
 		rejectUnauthorized: true,
 		nick: "thelounge%%",
 		username: "thelounge",
@@ -285,6 +282,21 @@ module.exports = {
 	// This value is set to `false` by default.
 	lockNetwork: false,
 
+	networks: {
+		"Libera.Chat": {
+			host: "irc.libera.chat",
+			port: 6697,
+			tls: true,
+			rejectUnauthorized: true
+		},
+		"OFTC": {
+			host: "irc.oftc.net",
+			port: 6697,
+			tls: true,
+			rejectUnauthorized: true
+		}
+	}
+
 	// ## User management
 
 	// ### `messageStorage`

diff --git a/server/config.ts b/server/config.ts
@@ -32,11 +32,7 @@ type FileUpload = {
 export type Defaults = Pick<
 	Network,
 	| "name"
-	| "host"
-	| "port"
 	| "password"
-	| "tls"
-	| "rejectUnauthorized"
 	| "nick"
 	| "username"
 	| "realname"
@@ -46,6 +42,7 @@ export type Defaults = Pick<
 	| "saslPassword"
 > & {
 	join: string;
+	network: string;
 };
 
 type Identd = {
@@ -83,6 +80,13 @@ type StoragePolicy = {
 	deletionPolicy: "statusOnly" | "everything";
 };
 
+type NetworkTemplate = {
+	host: string,
+	port: number,
+	tls: boolean,
+	rejectUnauthorized: boolean // if TLS certificates are validated 
+};
+
 export type ConfigType = {
 	public: boolean;
 	host: string | undefined;
@@ -103,6 +107,7 @@ export type ConfigType = {
 	leaveMessage: string;
 	defaults: Defaults;
 	lockNetwork: boolean;
+	networks: {[name: string]: NetworkTemplate};
 	messageStorage: string[];
 	storagePolicy: StoragePolicy;
 	useHexIp: boolean;
@@ -119,6 +124,9 @@ class Config {
 		path.join(__dirname, "..", "defaults", "config.js")
 	)) as ConfigType;
 	#homePath = "";
+	networks = Object.fromEntries(Object.entries(this.values.networks).map(([name, network]) => {
+		return [name, {...network, name}];
+	}));
 
 	getHomePath() {
 		return this.#homePath;

diff --git a/server/models/network.ts b/server/models/network.ts
@@ -246,26 +246,21 @@ class Network {
 
 		if (Config.values.lockNetwork) {
 			// This check is needed to prevent invalid user configurations
-			if (
-				!Config.values.public &&
-				this.host &&
-				this.host.length > 0 &&
-				this.host !== Config.values.defaults.host
-			) {
+
+			const allowedNetwork = Object.values(Config.networks).find((network) => {
+				return (this.name === network.name || this.host === network.host);
+			});
+
+			if (allowedNetwork === undefined) {
 				error(this, `The hostname you specified (${this.host}) is not allowed.`);
 				return false;
 			}
 
-			if (Config.values.public) {
-				this.name = Config.values.defaults.name;
-				// Sync lobby channel name
-				this.getLobby().name = Config.values.defaults.name;
-			}
-
-			this.host = Config.values.defaults.host;
-			this.port = Config.values.defaults.port;
-			this.tls = Config.values.defaults.tls;
-			this.rejectUnauthorized = Config.values.defaults.rejectUnauthorized;
+			this.name = allowedNetwork.name;
+			this.host = allowedNetwork.host;
+			this.port = allowedNetwork.port;
+			this.tls = allowedNetwork.tls;
+			this.rejectUnauthorized = allowedNetwork.rejectUnauthorized;
 		}
 
 		if (this.host.length === 0) {