Allow admins to disable the login form

In case they want to not allow this because they use SSO (and do not
want the users to enter their credentials there by accident).

?direct=1 still works.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2021-03-03 11:18:33 +01:00
parent 43b333331d
commit 4076dfb019
6 changed files with 28 additions and 3 deletions

View File

@ -305,6 +305,15 @@ $CONFIG = [
*/ */
'auth.webauthn.enabled' => true, 'auth.webauthn.enabled' => true,
/**
* By default the login form is always available. There are cases (SSO) where an
* admin wants to avoid users entering their credentials to the system if the SSO
* app is unavailable.
*
* This will show an error. But the the direct login still works with adding ?direct=1
*/
'hide_login_form' => false,
/** /**
* The directory where the skeleton files are located. These files will be * The directory where the skeleton files are located. These files will be
* copied to the data directory of new users. Leave empty to not copy any * copied to the data directory of new users. Leave empty to not copy any

View File

@ -191,6 +191,8 @@ class LoginController extends Controller {
$this->initialStateService->provideInitialState('core', 'webauthn-available', $this->webAuthnManager->isWebAuthnAvailable()); $this->initialStateService->provideInitialState('core', 'webauthn-available', $this->webAuthnManager->isWebAuthnAvailable());
$this->initialStateService->provideInitialState('core', 'hideLoginForm', $this->config->getSystemValueBool('hide_login_form', false));
// OpenGraph Support: http://ogp.me/ // OpenGraph Support: http://ogp.me/
Util::addHeader('meta', ['property' => 'og:title', 'content' => Util::sanitizeHTML($this->defaults->getName())]); Util::addHeader('meta', ['property' => 'og:title', 'content' => Util::sanitizeHTML($this->defaults->getName())]);
Util::addHeader('meta', ['property' => 'og:description', 'content' => Util::sanitizeHTML($this->defaults->getSlogan())]); Util::addHeader('meta', ['property' => 'og:description', 'content' => Util::sanitizeHTML($this->defaults->getSlogan())]);

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -67,5 +67,6 @@ new View({
hasPasswordless: fromStateOr('webauthn-available', false), hasPasswordless: fromStateOr('webauthn-available', false),
isHttps: window.location.protocol === 'https:', isHttps: window.location.protocol === 'https:',
hasPublicKeyCredential: typeof (window.PublicKeyCredential) !== 'undefined', hasPublicKeyCredential: typeof (window.PublicKeyCredential) !== 'undefined',
hideLoginForm: fromStateOr('hideLoginForm', false),
}, },
}).$mount('#login') }).$mount('#login')

View File

@ -20,7 +20,7 @@
--> -->
<template> <template>
<div> <div v-if="!hideLoginForm || directLogin">
<transition name="fade" mode="out-in"> <transition name="fade" mode="out-in">
<div v-if="!passwordlessLogin && !resetPassword && resetPasswordTarget === ''" <div v-if="!passwordlessLogin && !resetPassword && resetPasswordTarget === ''"
key="login"> key="login">
@ -84,6 +84,15 @@
</div> </div>
</transition> </transition>
</div> </div>
<div v-else>
<transition name="fade" mode="out-in">
<div class="warning">
{{ t('core', 'Login form is disabled.') }}<br>
<small>{{ t('core', 'Please contact your administrator.') }}
</small>
</div>
</transition>
</div>
</template> </template>
<script> <script>
@ -153,6 +162,10 @@ export default {
type: Boolean, type: Boolean,
default: false, default: false,
}, },
hideLoginForm: {
type: Boolean,
default: false
}
}, },
data() { data() {
return { return {