Terms of Service support

2025-05-06 16:10:14 +00:00 · 2025-05-06 16:10:14 +00:00 · 799d99c9b4
commit 799d99c9b4
parent 7714976ae5
7 changed files with 40 additions and 14 deletions
--- a/modules/setting/service.go
+++ b/modules/setting/service.go
@ -89,6 +89,7 @@ var Service = struct {
 	ValidSiteURLSchemes                     []string
 	UsernameCooldownPeriod                  int64
 	MaxUserRedirects                        int64
+	TermsOfServiceURL                       string
 	PrivacyPolicyURL                        string

 	// OpenID settings
@ -298,8 +299,17 @@ func loadServiceFrom(rootCfg ConfigProvider) {
 	}
 	Service.MaxUserRedirects = sec.Key("MAX_USER_REDIRECTS").MustInt64(maxUserRedirectsDefault)

+	Service.TermsOfServiceURL = sec.Key("TERMS_OF_SERVICE_URL").MustString("")
 	Service.PrivacyPolicyURL = sec.Key("PRIVACY_POLICY_URL").MustString("")

+	if len(Service.TermsOfServiceURL) != 0 && len(Service.PrivacyPolicyURL) == 0 {
+		log.Warn("TERMS_OF_SERVICE_URL is specified, but PRIVACY_POLICY_URL is not")
+	}
+
+	if len(Service.PrivacyPolicyURL) != 0 && len(Service.TermsOfServiceURL) == 0 {
+		log.Warn("PRIVACY_POLICY_URL is specified, but TERMS_OF_SERVICE_URL is not")
+	}
+
 	mustMapSetting(rootCfg, "service.explore", &Service.Explore)

 	loadOpenIDSetting(rootCfg)
--- a/modules/web/middleware/data.go
+++ b/modules/web/middleware/data.go
@ -58,7 +58,8 @@ func CommonTemplateContextData() ContextData {
 		"EnableOpenIDSignIn": setting.Service.EnableOpenIDSignIn,
 		"PageStartTime":      time.Now(),

-		"RunModeIsProd":    setting.IsProd,
-		"PrivacyPolicyURL": setting.Service.PrivacyPolicyURL,
+		"RunModeIsProd":     setting.IsProd,
+		"TermsOfServiceURL": setting.Service.TermsOfServiceURL,
+		"PrivacyPolicyURL":  setting.Service.PrivacyPolicyURL,
 	}
 }
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@ -28,6 +28,7 @@ licenses = Licenses
 return_to_forgejo = Return to Forgejo
 toggle_menu = Toggle menu
 more_items = More items
+terms_of_service = Terms of Service
 privacy_policy = Privacy Policy

 username = Username
@ -39,7 +40,8 @@ captcha = CAPTCHA
 twofa = Two-factor authentication
 twofa_scratch = Two-factor scratch code
 passcode = Passcode
-consent_agree = I agree to the <a href="%s">Privacy Policy</a>
+consent.terms_of_service = I have read and agree to the <a href="%s">Terms of Service</a>
+consent.privacy_policy = I acknowledge that I have read the <a href="%s">Privacy Policy</a>

 webauthn_insert_key = Insert your security key
 webauthn_sign_in = Press the button on your security key. If your security key has no button, re-insert it.
@ -491,7 +493,7 @@ password_pwned_err = Could not complete request to HaveIBeenPwned
 last_admin = You cannot remove the last admin. There must be at least one admin.
 back_to_sign_in = Back to Sign in
 sign_in_openid = Proceed with OpenID
-must_consent = Agreement to our Privacy Policy is required to register.
+must_consent = Agreement to our Privacy Policy and Terms of Service is required to register.

 [mail]
 view_it_on = View it on %s
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@ -447,7 +447,7 @@ func SignUpPost(ctx *context.Context) {
 		return
 	}

-	if !form.Consent {
+	if !form.ConsentTerms || !form.ConsentPrivacy {
 		ctx.RenderWithErr(ctx.Tr("auth.must_consent"), tplSignUp, &form)
 		return
 	}
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@ -92,11 +92,12 @@ func (f *InstallForm) Validate(req *http.Request, errs binding.Errors) binding.E

 // RegisterForm form for registering
 type RegisterForm struct {
-	UserName string `binding:"Required;Username;MaxSize(40)"`
-	Email    string `binding:"Required;MaxSize(254)"`
-	Password string `binding:"MaxSize(255)"`
-	Retype   string
-	Consent  bool // privacy policy consent
+	UserName       string `binding:"Required;Username;MaxSize(40)"`
+	Email          string `binding:"Required;MaxSize(254)"`
+	Password       string `binding:"MaxSize(255)"`
+	Retype         string
+	ConsentTerms   bool
+	ConsentPrivacy bool
 }

 // Validate validates the fields
--- a/templates/base/footer_content.tmpl
+++ b/templates/base/footer_content.tmpl
@ -25,6 +25,7 @@
 			</div>
 		</div>
 		<a href="{{AssetUrlPrefix}}/licenses.txt">{{ctx.Locale.Tr "licenses"}}</a>
+		{{if .TermsOfServiceURL}}<a href="{{.TermsOfServiceURL}}">{{ctx.Locale.Tr "terms_of_service"}}</a>{{end}}
 		{{if .PrivacyPolicyURL}}<a href="{{.PrivacyPolicyURL}}">{{ctx.Locale.Tr "privacy_policy"}}</a>{{end}}
 		{{template "custom/extra_links_footer" .}}
 	</div>
--- a/templates/user/auth/consent.tmpl
+++ b/templates/user/auth/consent.tmpl
@ -1,10 +1,21 @@
-{{ if (.PrivacyPolicyURL) }}
+{{ if (.TermsOfServiceURL) }}
  <div class="inline field required">
    <div class="ui checkbox">
-      <input id="consent" name="consent" type="checkbox">
-      <label for="consent">{{ ctx.Locale.Tr "consent_agree" .PrivacyPolicyURL }}</label>
+      <input id="consent_terms" name="consent_terms" type="checkbox">
+      <label for="consent_terms">{{ ctx.Locale.Tr "consent.terms_of_service" .TermsOfServiceURL }}</label>
    </div>
  </div>
 {{ else }}
-  <input id="consent" name="consent" type="checkbox" checked hidden>
+  <input id="consent_terms" name="consent_terms" type="checkbox" checked hidden>
+{{ end }}
+
+{{ if (.PrivacyPolicyURL) }}
+  <div class="inline field required">
+    <div class="ui checkbox">
+      <input id="consent_privacy" name="consent_privacy" type="checkbox">
+      <label for="consent_privacy">{{ ctx.Locale.Tr "consent.privacy_policy" .PrivacyPolicyURL }}</label>
+    </div>
+  </div>
+{{ else }}
+  <input id="consent_privacy" name="consent_privacy" type="checkbox" checked hidden>
 {{ end }}