Allow to disable non-SSO login

With a new disable_database_login parameter under :mobilizon, :instance

Closes #1154

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2022-10-28 16:05:55 +02:00
parent fc5b6882ae
commit 579bcaba06
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
8 changed files with 41 additions and 18 deletions

View file

@ -19,6 +19,7 @@ config :mobilizon, :instance,
registrations_open: false,
registration_email_allowlist: [],
registration_email_denylist: [],
disable_database_login: false,
languages: [],
default_language: "en",
demo: false,

View file

@ -185,11 +185,7 @@
>{{ t("Login") }}</router-link
>
</li>
<li
v-if="
!currentActor?.id && (registrationsOpen || registrationsAllowlist)
"
>
<li v-if="!currentActor?.id && canRegister">
<router-link
:to="{ name: RouteName.REGISTER }"
class="block py-2 pr-4 pl-3 text-zinc-700 border-b border-gray-100 hover:bg-zinc-50 md:hover:bg-transparent md:border-0 md:hover:text-mbz-purple-700 md:p-0 dark:text-zinc-400 md:dark:hover:text-white dark:hover:bg-zinc-700 dark:hover:text-white md:dark:hover:bg-transparent dark:border-gray-700"
@ -378,7 +374,7 @@ import { ICurrentUserRole } from "@/types/enums";
import { logout } from "../utils/auth";
import { displayName } from "../types/actor";
import RouteName from "../router/name";
import { ref, watch } from "vue";
import { computed, ref, watch } from "vue";
import { useRouter } from "vue-router";
import { useI18n } from "vue-i18n";
import AccountCircle from "vue-material-design-icons/AccountCircle.vue";
@ -404,7 +400,15 @@ const router = useRouter();
// const route = useRoute();
const { identities } = useCurrentUserIdentities();
const { registrationsOpen, registrationsAllowlist } = useRegistrationConfig();
const { registrationsOpen, registrationsAllowlist, databaseLogin } =
useRegistrationConfig();
const canRegister = computed(() => {
return (
(registrationsOpen.value || registrationsAllowlist.value) &&
databaseLogin.value
);
});
// const mobileNavbarActive = ref(false);

View file

@ -208,7 +208,10 @@ export function useSearchConfig() {
export function useRegistrationConfig() {
const { result, error, loading, onResult } = useQuery<{
config: Pick<IConfig, "registrationsOpen" | "registrationsAllowlist">;
config: Pick<
IConfig,
"registrationsOpen" | "registrationsAllowlist" | "auth"
>;
}>(REGISTRATIONS, undefined, { fetchPolicy: "cache-only" });
const registrationsOpen = computed(
@ -217,9 +220,11 @@ export function useRegistrationConfig() {
const registrationsAllowlist = computed(
() => result.value?.config.registrationsAllowlist
);
const databaseLogin = computed(() => result.value?.config.auth.databaseLogin);
return {
registrationsOpen,
registrationsAllowlist,
databaseLogin,
error,
loading,
onResult,

View file

@ -79,6 +79,7 @@ export const CONFIG = gql`
}
auth {
ldap
databaseLogin
oauthProviders {
id
label
@ -386,6 +387,7 @@ export const LOGIN_CONFIG = gql`
query LoginConfig {
config {
auth {
databaseLogin
oauthProviders {
id
label
@ -450,6 +452,9 @@ export const REGISTRATIONS = gql`
config {
registrationsOpen
registrationsAllowlist
auth {
databaseLogin
}
}
}
`;

View file

@ -106,6 +106,7 @@ export interface IConfig {
version: string;
auth: {
ldap: boolean;
databaseLogin: boolean;
oauthProviders: IOAuthProvider[];
};
uploadLimits: {

View file

@ -42,7 +42,7 @@
>
{{ error }}
</o-notification>
<form @submit="loginAction">
<form @submit="loginAction" v-if="config?.auth.databaseLogin">
<o-field
:label="t('Email')"
label-for="email"
@ -81,13 +81,6 @@
</p>
<!-- <o-loading :is-full-page="false" v-model="submitted" /> -->
<div
class="control"
v-if="config && config?.auth.oauthProviders.length > 0"
>
<auth-providers :oauthProviders="config.auth.oauthProviders" />
</div>
<div class="flex flex-wrap gap-2 mt-3">
<o-button
tag="router-link"
@ -107,7 +100,12 @@
}"
>{{ t("Didn't receive the instructions?") }}</o-button
>
<p class="control" v-if="config && config.registrationsOpen">
<p
class="control"
v-if="
config && config.registrationsOpen && config.registrationsAllowlist
"
>
<o-button
tag="router-link"
variant="text"
@ -123,6 +121,9 @@
</p>
</div>
</form>
<div v-if="config && config?.auth.oauthProviders.length > 0">
<auth-providers :oauthProviders="config.auth.oauthProviders" />
</div>
</section>
</template>
@ -162,7 +163,10 @@ const route = useRoute();
const { currentUser } = useCurrentUserClient();
const { result: configResult } = useQuery<{
config: Pick<IConfig, "auth" | "registrationsOpen">;
config: Pick<
IConfig,
"auth" | "registrationsOpen" | "registrationsAllowlist"
>;
}>(LOGIN_CONFIG);
const config = computed(() => configResult.value?.config);

View file

@ -156,6 +156,8 @@ defmodule Mobilizon.GraphQL.Resolvers.Config do
federating: Config.instance_federating(),
auth: %{
ldap: Config.ldap_enabled?(),
database_login:
Application.get_env(:mobilizon, :instance) |> get_in([:disable_database_login]) == false,
oauth_providers: Config.oauth_consumer_strategies()
},
upload_limits: %{

View file

@ -305,6 +305,7 @@ defmodule Mobilizon.GraphQL.Schema.ConfigType do
"""
object :auth do
field(:ldap, :boolean, description: "Whether or not LDAP auth is enabled")
field(:database_login, :boolean, description: "Whether or not database login is enabled")
field(:oauth_providers, list_of(:oauth_provider), description: "List of oauth providers")
end