Merge pull request #1566 from solid/disable-linked-users

michielbdejong · web-flow · commit ccbe28103e82 · 2021-02-03T18:29:18.000+01:00
Disable linked users in IDP
diff --git a/default-views/account/register-form.hbs b/default-views/account/register-form.hbs
@@ -63,21 +63,6 @@
             <span class="help-block">Your email will only be used for account recovery</span>
           </div>
 
-          <div class="checkbox">
-            <label>
-              <input type="checkbox" name="connectExternalWebId" value="true" id="ConnectExternalWebId" {{#if connectExternalWebId}}checked{{/if}}/>
-              Connect to External WebID (<strong>Advanced feature</strong>)
-            </label>
-          </div>
-
-          <div class="form-group hidden" id="ExternalWebId">
-            <label class="control-label" for="externalWebId">External WebID:</label>
-            <input type="text" class="form-control" name="externalWebId" id="externalWebId" value="{{externalWebId}}"/>
-            <span class="help-block">
-              By connecting this account with an existing WebID, you can use that WebID to authenticate with the new account.
-            </span>
-          </div>
-
           {{#if enforceToc}}
             {{#if tocUri}}
               <div class="checkbox">
diff --git a/lib/models/authenticator.js b/lib/models/authenticator.js
@@ -144,7 +144,9 @@ class PasswordAuthenticator extends Authenticator {
           error.statusCode = 400
           throw error
         }
-
+        if (foundUser.link) {
+          throw new Error('Linked users not currently supported, sorry (external WebID without TLS?)')
+        }
         return this.userStore.matchPassword(foundUser, this.password)
       })
       .then(validUser => {
diff --git a/lib/requests/create-account-request.js b/lib/requests/create-account-request.js
@@ -120,9 +120,7 @@ class CreateAccountRequest extends AuthRequest {
       username: data.username,
       name: data.name,
       email: data.email,
-      externalWebId: data.externalWebId,
-      acceptToc: data.acceptToc,
-      connectExternalWebId: data.connectExternalWebId
+      acceptToc: data.acceptToc
     })
 
     if (error) {
@@ -144,6 +142,11 @@ class CreateAccountRequest extends AuthRequest {
     const userAccount = this.userAccount
     const accountManager = this.accountManager
 
+    if (userAccount.externalWebId) {
+      const error = new Error('Linked users not currently supported, sorry (external WebID without TLS?)')
+      error.statusCode = 400
+      throw error
+    }
     this.cancelIfUsernameInvalid(userAccount)
     this.cancelIfBlacklistedUsername(userAccount)
     await this.cancelIfAccountExists(userAccount)
