mas_data_model/
site_config.rs

1// Copyright 2024, 2025 New Vector Ltd.
2// Copyright 2023, 2024 The Matrix.org Foundation C.I.C.
3//
4// SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
5// Please see LICENSE files in the repository root for full details.
6
7use std::num::NonZeroU64;
8
9use chrono::Duration;
10use serde::Serialize;
11use url::Url;
12
13/// Which Captcha service is being used
14#[derive(Debug, Clone, Copy)]
15pub enum CaptchaService {
16    RecaptchaV2,
17    CloudflareTurnstile,
18    HCaptcha,
19}
20
21/// Captcha configuration
22#[derive(Debug, Clone)]
23pub struct CaptchaConfig {
24    /// Which Captcha service is being used
25    pub service: CaptchaService,
26
27    /// The site key used by the instance
28    pub site_key: String,
29
30    /// The secret key used by the instance
31    pub secret_key: String,
32}
33
34/// Automatic session expiration configuration
35#[derive(Debug, Clone)]
36pub struct SessionExpirationConfig {
37    pub user_session_inactivity_ttl: Option<Duration>,
38    pub oauth_session_inactivity_ttl: Option<Duration>,
39    pub compat_session_inactivity_ttl: Option<Duration>,
40}
41
42#[derive(Serialize, Debug, Clone)]
43pub struct SessionLimitConfig {
44    pub soft_limit: NonZeroU64,
45    pub hard_limit: NonZeroU64,
46}
47
48/// Random site configuration we want accessible in various places.
49#[allow(clippy::struct_excessive_bools)]
50#[derive(Debug, Clone)]
51pub struct SiteConfig {
52    /// Time-to-live of access tokens.
53    pub access_token_ttl: Duration,
54
55    /// Time-to-live of compatibility access tokens.
56    pub compat_token_ttl: Duration,
57
58    /// The server name, e.g. "matrix.org".
59    pub server_name: String,
60
61    /// The URL to the privacy policy.
62    pub policy_uri: Option<Url>,
63
64    /// The URL to the terms of service.
65    pub tos_uri: Option<Url>,
66
67    /// Imprint to show in the footer.
68    pub imprint: Option<String>,
69
70    /// Whether password login is enabled.
71    pub password_login_enabled: bool,
72
73    /// Whether password registration is enabled.
74    pub password_registration_enabled: bool,
75
76    /// Whether a valid email address is required for password registrations.
77    pub password_registration_email_required: bool,
78
79    /// Whether registration tokens are required for password registrations.
80    pub registration_token_required: bool,
81
82    /// Whether users can change their email.
83    pub email_change_allowed: bool,
84
85    /// Whether users can change their display name.
86    pub displayname_change_allowed: bool,
87
88    /// Whether users can change their password.
89    pub password_change_allowed: bool,
90
91    /// Whether users can recover their account via email.
92    pub account_recovery_allowed: bool,
93
94    /// Whether users can delete their own account.
95    pub account_deactivation_allowed: bool,
96
97    /// Captcha configuration
98    pub captcha: Option<CaptchaConfig>,
99
100    /// Minimum password complexity, between 0 and 4.
101    /// This is a score from zxcvbn.
102    pub minimum_password_complexity: u8,
103
104    pub session_expiration: Option<SessionExpirationConfig>,
105
106    /// Whether users can log in with their email address.
107    pub login_with_email_allowed: bool,
108
109    /// The iframe URL to show in the plan tab of the UI
110    pub plan_management_iframe_uri: Option<String>,
111
112    /// Limits on the number of application sessions that each user can have
113    pub session_limit: Option<SessionLimitConfig>,
114}