mas_data_model/site_config.rs
1// Copyright 2024, 2025 New Vector Ltd.
2// Copyright 2023, 2024 The Matrix.org Foundation C.I.C.
3//
4// SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
5// Please see LICENSE files in the repository root for full details.
6
7use std::num::NonZeroU64;
8
9use chrono::Duration;
10use serde::Serialize;
11use url::Url;
12
13/// Which Captcha service is being used
14#[derive(Debug, Clone, Copy)]
15pub enum CaptchaService {
16 RecaptchaV2,
17 CloudflareTurnstile,
18 HCaptcha,
19}
20
21/// Captcha configuration
22#[derive(Debug, Clone)]
23pub struct CaptchaConfig {
24 /// Which Captcha service is being used
25 pub service: CaptchaService,
26
27 /// The site key used by the instance
28 pub site_key: String,
29
30 /// The secret key used by the instance
31 pub secret_key: String,
32}
33
34/// Automatic session expiration configuration
35#[derive(Debug, Clone)]
36pub struct SessionExpirationConfig {
37 pub user_session_inactivity_ttl: Option<Duration>,
38 pub oauth_session_inactivity_ttl: Option<Duration>,
39 pub compat_session_inactivity_ttl: Option<Duration>,
40}
41
42/// See [`mas_config::ExperimentalSessionLimitConfig`]
43#[derive(Serialize, Debug, Clone)]
44pub struct SessionLimitConfig {
45 pub soft_limit: NonZeroU64,
46 pub hard_limit: NonZeroU64,
47 pub dangerous_hard_limit_eviction: bool,
48}
49
50/// Random site configuration we want accessible in various places.
51#[allow(clippy::struct_excessive_bools)]
52#[derive(Debug, Clone)]
53pub struct SiteConfig {
54 /// Time-to-live of access tokens.
55 pub access_token_ttl: Duration,
56
57 /// Time-to-live of compatibility access tokens.
58 pub compat_token_ttl: Duration,
59
60 /// The server name, e.g. "matrix.org".
61 pub server_name: String,
62
63 /// The URL to the privacy policy.
64 pub policy_uri: Option<Url>,
65
66 /// The URL to the terms of service.
67 pub tos_uri: Option<Url>,
68
69 /// Imprint to show in the footer.
70 pub imprint: Option<String>,
71
72 /// Whether password login is enabled.
73 pub password_login_enabled: bool,
74
75 /// Whether password registration is enabled.
76 pub password_registration_enabled: bool,
77
78 /// Whether a valid email address is required for password registrations.
79 pub password_registration_email_required: bool,
80
81 /// Whether registration tokens are required for password registrations.
82 pub registration_token_required: bool,
83
84 /// Whether users can change their email.
85 pub email_change_allowed: bool,
86
87 /// Whether users can change their display name.
88 pub displayname_change_allowed: bool,
89
90 /// Whether users can change their password.
91 pub password_change_allowed: bool,
92
93 /// Whether users can recover their account via email.
94 pub account_recovery_allowed: bool,
95
96 /// Whether users can delete their own account.
97 pub account_deactivation_allowed: bool,
98
99 /// Captcha configuration
100 pub captcha: Option<CaptchaConfig>,
101
102 /// Minimum password complexity, between 0 and 4.
103 /// This is a score from zxcvbn.
104 pub minimum_password_complexity: u8,
105
106 pub session_expiration: Option<SessionExpirationConfig>,
107
108 /// Whether users can log in with their email address.
109 pub login_with_email_allowed: bool,
110
111 /// The iframe URL to show in the plan tab of the UI
112 pub plan_management_iframe_uri: Option<String>,
113
114 /// Limits on the number of application sessions that each user can have
115 pub session_limit: Option<SessionLimitConfig>,
116}