Allow to disable login/password reset

src/pretix/control/templates/pretixcontrol/auth/login.html

@@ -9,19 +9,23 @@
         {% bootstrap_field form.email %}
         {% bootstrap_field form.password %}
         <div class="form-group buttons">
-            <a href="{% url "control:auth.forgot" %}" class="btn btn-link">
-                {% trans "Lost password?" %}
-            </a>
+            {% if can_reset %}
+                <a href="{% url "control:auth.forgot" %}" class="btn btn-link">
+                    {% trans "Lost password?" %}
+                </a>
+            {% endif %}
 
             <button type="submit" class="btn btn-primary">
                 {% trans "Log in" %}
             </button>
         </div>
 
-        <div class="form-group buttons">
-            <a href="{% url "control:auth.register" %}" class="btn btn-link">
-                {% trans "Register" %}
-            </a>
-        </div>
+        {% if can_register %}
+            <div class="form-group buttons">
+                <a href="{% url "control:auth.register" %}" class="btn btn-link">
+                    {% trans "Register" %}
+                </a>
+            </div>
+        {% endif %}
     </form>
 {% endblock %}

src/pretix/control/views/auth.py

@@ -4,6 +4,7 @@ from django.contrib.auth import (
     authenticate, login as auth_login, logout as auth_logout,
 )
 from django.contrib.auth.tokens import default_token_generator
+from django.core.exceptions import PermissionDenied
 from django.shortcuts import redirect, render
 from django.utils.functional import cached_property
 from django.utils.translation import ugettext_lazy as _
@@ -35,6 +36,8 @@ def login(request):
     else:
         form = LoginForm()
     ctx['form'] = form
+    ctx['can_register'] = settings.PRETIX_REGISTRATION
+    ctx['can_reset'] = settings.PRETIX_PASSWORD_RESET
     return render(request, 'pretixcontrol/auth/login.html', ctx)
 
 
@@ -50,6 +53,8 @@ def register(request):
     """
     Render and process a basic registration form.
     """
+    if not settings.PRETIX_REGISTRATION:
+        raise PermissionDenied('Registration is disabled')
     ctx = {}
     if request.user.is_authenticated():
         return redirect(request.GET.get("next", 'control:index'))
@@ -74,6 +79,11 @@ def register(request):
 class Forgot(TemplateView):
     template_name = 'pretixcontrol/auth/forgot.html'
 
+    def dispatch(self, request, *args, **kwargs):
+        if not settings.PRETIX_PASSWORD_RESET:
+            raise PermissionDenied('Password reset is disabled')
+        return super().dispatch(request, *args, **kwargs)
+
     def get(self, request, *args, **kwargs):
         if request.user.is_authenticated():
             return redirect(request.GET.get("next", 'control:index'))
@@ -128,6 +138,11 @@ class Recover(TemplateView):
         'unknownuser': _('We were unable to find the user you requested a new password for.')
     }
 
+    def dispatch(self, request, *args, **kwargs):
+        if not settings.PRETIX_PASSWORD_RESET:
+            raise PermissionDenied('Password reset is disabled')
+        return super().dispatch(request, *args, **kwargs)
+
     def get(self, request, *args, **kwargs):
         if request.user.is_authenticated():
             return redirect(request.GET.get("next", 'control:index'))

src/pretix/settings.py

@@ -60,6 +60,8 @@ STATIC_URL = config.get('urls', 'static', fallback='/static/')
 MEDIA_URL = config.get('urls', 'media', fallback='/media/')
 
 PRETIX_INSTANCE_NAME = config.get('pretix', 'instance_name', fallback='pretix.de')
+PRETIX_REGISTRATION = config.getboolean('pretix', 'registration', fallback=True)
+PRETIX_PASSWORD_RESET = config.getboolean('pretix', 'password_reset', fallback=True)
 
 SITE_URL = config.get('pretix', 'url', fallback='http://localhost')