Allow to disable non-SSO login
With a new disable_database_login parameter under :mobilizon, :instance Closes #1154 Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
parent
fc5b6882ae
commit
579bcaba06
|
@ -19,6 +19,7 @@ config :mobilizon, :instance,
|
||||||
registrations_open: false,
|
registrations_open: false,
|
||||||
registration_email_allowlist: [],
|
registration_email_allowlist: [],
|
||||||
registration_email_denylist: [],
|
registration_email_denylist: [],
|
||||||
|
disable_database_login: false,
|
||||||
languages: [],
|
languages: [],
|
||||||
default_language: "en",
|
default_language: "en",
|
||||||
demo: false,
|
demo: false,
|
||||||
|
|
|
@ -185,11 +185,7 @@
|
||||||
>{{ t("Login") }}</router-link
|
>{{ t("Login") }}</router-link
|
||||||
>
|
>
|
||||||
</li>
|
</li>
|
||||||
<li
|
<li v-if="!currentActor?.id && canRegister">
|
||||||
v-if="
|
|
||||||
!currentActor?.id && (registrationsOpen || registrationsAllowlist)
|
|
||||||
"
|
|
||||||
>
|
|
||||||
<router-link
|
<router-link
|
||||||
:to="{ name: RouteName.REGISTER }"
|
:to="{ name: RouteName.REGISTER }"
|
||||||
class="block py-2 pr-4 pl-3 text-zinc-700 border-b border-gray-100 hover:bg-zinc-50 md:hover:bg-transparent md:border-0 md:hover:text-mbz-purple-700 md:p-0 dark:text-zinc-400 md:dark:hover:text-white dark:hover:bg-zinc-700 dark:hover:text-white md:dark:hover:bg-transparent dark:border-gray-700"
|
class="block py-2 pr-4 pl-3 text-zinc-700 border-b border-gray-100 hover:bg-zinc-50 md:hover:bg-transparent md:border-0 md:hover:text-mbz-purple-700 md:p-0 dark:text-zinc-400 md:dark:hover:text-white dark:hover:bg-zinc-700 dark:hover:text-white md:dark:hover:bg-transparent dark:border-gray-700"
|
||||||
|
@ -378,7 +374,7 @@ import { ICurrentUserRole } from "@/types/enums";
|
||||||
import { logout } from "../utils/auth";
|
import { logout } from "../utils/auth";
|
||||||
import { displayName } from "../types/actor";
|
import { displayName } from "../types/actor";
|
||||||
import RouteName from "../router/name";
|
import RouteName from "../router/name";
|
||||||
import { ref, watch } from "vue";
|
import { computed, ref, watch } from "vue";
|
||||||
import { useRouter } from "vue-router";
|
import { useRouter } from "vue-router";
|
||||||
import { useI18n } from "vue-i18n";
|
import { useI18n } from "vue-i18n";
|
||||||
import AccountCircle from "vue-material-design-icons/AccountCircle.vue";
|
import AccountCircle from "vue-material-design-icons/AccountCircle.vue";
|
||||||
|
@ -404,7 +400,15 @@ const router = useRouter();
|
||||||
// const route = useRoute();
|
// const route = useRoute();
|
||||||
|
|
||||||
const { identities } = useCurrentUserIdentities();
|
const { identities } = useCurrentUserIdentities();
|
||||||
const { registrationsOpen, registrationsAllowlist } = useRegistrationConfig();
|
const { registrationsOpen, registrationsAllowlist, databaseLogin } =
|
||||||
|
useRegistrationConfig();
|
||||||
|
|
||||||
|
const canRegister = computed(() => {
|
||||||
|
return (
|
||||||
|
(registrationsOpen.value || registrationsAllowlist.value) &&
|
||||||
|
databaseLogin.value
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
// const mobileNavbarActive = ref(false);
|
// const mobileNavbarActive = ref(false);
|
||||||
|
|
||||||
|
|
|
@ -208,7 +208,10 @@ export function useSearchConfig() {
|
||||||
|
|
||||||
export function useRegistrationConfig() {
|
export function useRegistrationConfig() {
|
||||||
const { result, error, loading, onResult } = useQuery<{
|
const { result, error, loading, onResult } = useQuery<{
|
||||||
config: Pick<IConfig, "registrationsOpen" | "registrationsAllowlist">;
|
config: Pick<
|
||||||
|
IConfig,
|
||||||
|
"registrationsOpen" | "registrationsAllowlist" | "auth"
|
||||||
|
>;
|
||||||
}>(REGISTRATIONS, undefined, { fetchPolicy: "cache-only" });
|
}>(REGISTRATIONS, undefined, { fetchPolicy: "cache-only" });
|
||||||
|
|
||||||
const registrationsOpen = computed(
|
const registrationsOpen = computed(
|
||||||
|
@ -217,9 +220,11 @@ export function useRegistrationConfig() {
|
||||||
const registrationsAllowlist = computed(
|
const registrationsAllowlist = computed(
|
||||||
() => result.value?.config.registrationsAllowlist
|
() => result.value?.config.registrationsAllowlist
|
||||||
);
|
);
|
||||||
|
const databaseLogin = computed(() => result.value?.config.auth.databaseLogin);
|
||||||
return {
|
return {
|
||||||
registrationsOpen,
|
registrationsOpen,
|
||||||
registrationsAllowlist,
|
registrationsAllowlist,
|
||||||
|
databaseLogin,
|
||||||
error,
|
error,
|
||||||
loading,
|
loading,
|
||||||
onResult,
|
onResult,
|
||||||
|
|
|
@ -79,6 +79,7 @@ export const CONFIG = gql`
|
||||||
}
|
}
|
||||||
auth {
|
auth {
|
||||||
ldap
|
ldap
|
||||||
|
databaseLogin
|
||||||
oauthProviders {
|
oauthProviders {
|
||||||
id
|
id
|
||||||
label
|
label
|
||||||
|
@ -386,6 +387,7 @@ export const LOGIN_CONFIG = gql`
|
||||||
query LoginConfig {
|
query LoginConfig {
|
||||||
config {
|
config {
|
||||||
auth {
|
auth {
|
||||||
|
databaseLogin
|
||||||
oauthProviders {
|
oauthProviders {
|
||||||
id
|
id
|
||||||
label
|
label
|
||||||
|
@ -450,6 +452,9 @@ export const REGISTRATIONS = gql`
|
||||||
config {
|
config {
|
||||||
registrationsOpen
|
registrationsOpen
|
||||||
registrationsAllowlist
|
registrationsAllowlist
|
||||||
|
auth {
|
||||||
|
databaseLogin
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`;
|
`;
|
||||||
|
|
|
@ -106,6 +106,7 @@ export interface IConfig {
|
||||||
version: string;
|
version: string;
|
||||||
auth: {
|
auth: {
|
||||||
ldap: boolean;
|
ldap: boolean;
|
||||||
|
databaseLogin: boolean;
|
||||||
oauthProviders: IOAuthProvider[];
|
oauthProviders: IOAuthProvider[];
|
||||||
};
|
};
|
||||||
uploadLimits: {
|
uploadLimits: {
|
||||||
|
|
|
@ -42,7 +42,7 @@
|
||||||
>
|
>
|
||||||
{{ error }}
|
{{ error }}
|
||||||
</o-notification>
|
</o-notification>
|
||||||
<form @submit="loginAction">
|
<form @submit="loginAction" v-if="config?.auth.databaseLogin">
|
||||||
<o-field
|
<o-field
|
||||||
:label="t('Email')"
|
:label="t('Email')"
|
||||||
label-for="email"
|
label-for="email"
|
||||||
|
@ -81,13 +81,6 @@
|
||||||
</p>
|
</p>
|
||||||
<!-- <o-loading :is-full-page="false" v-model="submitted" /> -->
|
<!-- <o-loading :is-full-page="false" v-model="submitted" /> -->
|
||||||
|
|
||||||
<div
|
|
||||||
class="control"
|
|
||||||
v-if="config && config?.auth.oauthProviders.length > 0"
|
|
||||||
>
|
|
||||||
<auth-providers :oauthProviders="config.auth.oauthProviders" />
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="flex flex-wrap gap-2 mt-3">
|
<div class="flex flex-wrap gap-2 mt-3">
|
||||||
<o-button
|
<o-button
|
||||||
tag="router-link"
|
tag="router-link"
|
||||||
|
@ -107,7 +100,12 @@
|
||||||
}"
|
}"
|
||||||
>{{ t("Didn't receive the instructions?") }}</o-button
|
>{{ t("Didn't receive the instructions?") }}</o-button
|
||||||
>
|
>
|
||||||
<p class="control" v-if="config && config.registrationsOpen">
|
<p
|
||||||
|
class="control"
|
||||||
|
v-if="
|
||||||
|
config && config.registrationsOpen && config.registrationsAllowlist
|
||||||
|
"
|
||||||
|
>
|
||||||
<o-button
|
<o-button
|
||||||
tag="router-link"
|
tag="router-link"
|
||||||
variant="text"
|
variant="text"
|
||||||
|
@ -123,6 +121,9 @@
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
|
<div v-if="config && config?.auth.oauthProviders.length > 0">
|
||||||
|
<auth-providers :oauthProviders="config.auth.oauthProviders" />
|
||||||
|
</div>
|
||||||
</section>
|
</section>
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
|
@ -162,7 +163,10 @@ const route = useRoute();
|
||||||
const { currentUser } = useCurrentUserClient();
|
const { currentUser } = useCurrentUserClient();
|
||||||
|
|
||||||
const { result: configResult } = useQuery<{
|
const { result: configResult } = useQuery<{
|
||||||
config: Pick<IConfig, "auth" | "registrationsOpen">;
|
config: Pick<
|
||||||
|
IConfig,
|
||||||
|
"auth" | "registrationsOpen" | "registrationsAllowlist"
|
||||||
|
>;
|
||||||
}>(LOGIN_CONFIG);
|
}>(LOGIN_CONFIG);
|
||||||
|
|
||||||
const config = computed(() => configResult.value?.config);
|
const config = computed(() => configResult.value?.config);
|
||||||
|
|
|
@ -156,6 +156,8 @@ defmodule Mobilizon.GraphQL.Resolvers.Config do
|
||||||
federating: Config.instance_federating(),
|
federating: Config.instance_federating(),
|
||||||
auth: %{
|
auth: %{
|
||||||
ldap: Config.ldap_enabled?(),
|
ldap: Config.ldap_enabled?(),
|
||||||
|
database_login:
|
||||||
|
Application.get_env(:mobilizon, :instance) |> get_in([:disable_database_login]) == false,
|
||||||
oauth_providers: Config.oauth_consumer_strategies()
|
oauth_providers: Config.oauth_consumer_strategies()
|
||||||
},
|
},
|
||||||
upload_limits: %{
|
upload_limits: %{
|
||||||
|
|
|
@ -305,6 +305,7 @@ defmodule Mobilizon.GraphQL.Schema.ConfigType do
|
||||||
"""
|
"""
|
||||||
object :auth do
|
object :auth do
|
||||||
field(:ldap, :boolean, description: "Whether or not LDAP auth is enabled")
|
field(:ldap, :boolean, description: "Whether or not LDAP auth is enabled")
|
||||||
|
field(:database_login, :boolean, description: "Whether or not database login is enabled")
|
||||||
field(:oauth_providers, list_of(:oauth_provider), description: "List of oauth providers")
|
field(:oauth_providers, list_of(:oauth_provider), description: "List of oauth providers")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue