diff --git a/Gemfile.saas.lock b/Gemfile.saas.lock index 91c11943f..cc5d1ab5d 100644 --- a/Gemfile.saas.lock +++ b/Gemfile.saas.lock @@ -21,7 +21,7 @@ GIT GIT remote: https://github.com/basecamp/fizzy-saas - revision: a14df11b57818697df4b2cc7b6a43e762ebaa196 + revision: fb30201b9b2752f9e9cff2f9f36b698b13856404 specs: fizzy-saas (0.1.0) audits1984 diff --git a/README.md b/README.md index 27ba149fc..5ea839008 100644 --- a/README.md +++ b/README.md @@ -38,6 +38,8 @@ We've added comments to that file to highlight what each setting needs to be, bu - `proxy/ssl` and `proxy/host`: Kamal can set up SSL certificates for you automatically. To enable that, set the hostname again as `host`. If you don't want SSL for some reason, you can set `ssl: false` to turn it off. - `env/clear/MAILER_FROM_ADDRESS`: This is the email address that Fizzy will send emails from. It should usually be an address from the same domain where you're running Fizzy. - `env/clear/SMTP_ADDRESS`: The address of an SMTP server that you can send email through. You can use a 3rd-party service for this, like Sendgrid or Postmark, in which case their documentation will tell you what to use for this. +- `env/clear/MULTI_TENANT`: Set to `false` to enable single-tenant mode (disable multi-account signups). + Fizzy also requires a few environment variables to be set up, some of which contain secrets. The simplest way to do this is to put them in a file called `.kamal/secrets`. diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index fb9fe0617..e32cf3829 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -14,7 +14,8 @@ class SessionsController < ApplicationController else signup = Signup.new(email_address: email_address) if signup.valid?(:identity_creation) - redirect_to_session_magic_link signup.create_identity + identity = signup.create_identity if Account.accepting_signups? + redirect_to_session_magic_link identity else head :unprocessable_entity end diff --git a/app/controllers/signups_controller.rb b/app/controllers/signups_controller.rb index 776421201..56614158f 100644 --- a/app/controllers/signups_controller.rb +++ b/app/controllers/signups_controller.rb @@ -3,6 +3,7 @@ class SignupsController < ApplicationController allow_unauthenticated_access rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_signup_path, alert: "Try again later." } before_action :redirect_authenticated_user + before_action :enforce_tenant_limit layout "public" @@ -24,6 +25,10 @@ class SignupsController < ApplicationController redirect_to new_signup_completion_path if authenticated? end + def enforce_tenant_limit + redirect_to new_session_url unless Account.accepting_signups? + end + def signup_params params.expect signup: :email_address end diff --git a/app/models/account.rb b/app/models/account.rb index 34aaf64ae..df0b845b0 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -1,5 +1,5 @@ class Account < ApplicationRecord - include Account::Storage, Entropic, Seedeable + include Account::Storage, Entropic, MultiTenantable, Seedeable has_one :join_code has_many :users, dependent: :destroy diff --git a/app/models/account/multi_tenantable.rb b/app/models/account/multi_tenantable.rb new file mode 100644 index 000000000..7d1ef5d39 --- /dev/null +++ b/app/models/account/multi_tenantable.rb @@ -0,0 +1,13 @@ +module Account::MultiTenantable + extend ActiveSupport::Concern + + included do + cattr_accessor :multi_tenant, default: false + end + + class_methods do + def accepting_signups? + multi_tenant || Account.none? + end + end +end diff --git a/app/views/sessions/magic_links/show.html.erb b/app/views/sessions/magic_links/show.html.erb index 4e94f411e..947b3c426 100644 --- a/app/views/sessions/magic_links/show.html.erb +++ b/app/views/sessions/magic_links/show.html.erb @@ -3,7 +3,9 @@
">

<%= @page_title %>

-

Then enter the verification code included in the email below:

+

+ Then enter the verification code included in the email below: +

<%= form_with url: session_magic_link_path, method: :post, html: { data: { controller: "magic-link" } } do |form| %> diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb index fc89bf681..4e82c0b70 100644 --- a/app/views/sessions/new.html.erb +++ b/app/views/sessions/new.html.erb @@ -10,7 +10,11 @@
-

New here? <%= link_to "Sign up", new_signup_path %> to create an account. Already have an account? Enter your email and we’ll get you signed in.

+ <% if Account.accepting_signups? %> +

New here? <%= link_to "Sign up", new_signup_path %> to create an account. Already have an account? Enter your email and we’ll get you signed in.

+ <% else %> +

Enter your email and we’ll get you signed in.

+ <% end %>