Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement AUTH_DISABLE_DEFAULT config option #9322

Merged
merged 9 commits into from Dec 3, 2021
Merged

Implement AUTH_DISABLE_DEFAULT config option #9322

Show file tree
Hide file tree
Changes from 8 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
a982c0b
Implement AUTH_DISABLE_DEFAULT config option
dorianim Nov 1, 2021
66ac113
Disable default auth rute if set to disabled
dorianim Nov 1, 2021
bc2b61b
Add disableDefault to API docs
dorianim Nov 1, 2021
113c6fc
Update app/src/routes/login/login.vue
dorianim Nov 1, 2021
a20e830
Remove watch block
dorianim Nov 1, 2021
0aea457
Remove useless variable
dorianim Nov 1, 2021
4cccb13
Don't import watch
dorianim Nov 2, 2021
6c26969
Merge branch 'main' into feat/disable-default-auth-provider
rijkvanzanten Dec 3, 2021
bc0a059
Merge branch 'main' into feat/disable-default-auth-provider
rijkvanzanten Dec 3, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
8 changes: 5 additions & 3 deletions api/src/auth.ts
View file
Open in desktop
Expand Up @@ -24,10 +24,12 @@ export function getAuthProvider(provider: string): AuthDriver {

export async function registerAuthProviders(): Promise<void> {
const options = { knex: getDatabase(), schema: await getSchema() };
const defaultProvider = getProviderInstance('local', options)!;

// Register default provider
providers.set(DEFAULT_AUTH_PROVIDER, defaultProvider);
// Register default provider if not disabled
if (!env.AUTH_DISABLE_DEFAULT) {
const defaultProvider = getProviderInstance('local', options)!;
providers.set(DEFAULT_AUTH_PROVIDER, defaultProvider);
}

if (!env.AUTH_PROVIDERS) {
return;
Expand Down
9 changes: 7 additions & 2 deletions api/src/controllers/auth.ts
View file
Open in desktop
Expand Up @@ -48,7 +48,9 @@ for (const authProvider of authProviders) {
router.use(`/login/${authProvider.name}`, authRouter);
}

router.use('/login', createLocalAuthRouter(DEFAULT_AUTH_PROVIDER));
if (!env.AUTH_DISABLE_DEFAULT) {
router.use('/login', createLocalAuthRouter(DEFAULT_AUTH_PROVIDER));
}

router.post(
'/refresh',
Expand Down Expand Up @@ -191,7 +193,10 @@ router.post(
router.get(
'/',
asyncHandler(async (req, res, next) => {
res.locals.payload = { data: getAuthProviders() };
res.locals.payload = {
data: getAuthProviders(),
disableDefault: env.AUTH_DISABLE_DEFAULT,
};
return next();
}),
respond
Expand Down
1 change: 1 addition & 0 deletions api/src/env.ts
View file
Open in desktop
Expand Up @@ -56,6 +56,7 @@ const defaults: Record<string, any> = {
CACHE_PERMISSIONS: true,

AUTH_PROVIDERS: '',
AUTH_DISABLE_DEFAULT: false,

EXTENSIONS_PATH: './extensions',

Expand Down
19 changes: 11 additions & 8 deletions app/src/routes/login/login.vue
View file
Open in desktop
Expand Up @@ -30,7 +30,7 @@

<script lang="ts">
import { useI18n } from 'vue-i18n';
import { defineComponent, computed, PropType, ref, onMounted, watch } from 'vue';
import { defineComponent, computed, PropType, ref, onMounted } from 'vue';
import { LoginForm, LdapForm } from './components/login-form/';
import ContinueAs from './components/continue-as.vue';
import SsoLinks from './components/sso-links.vue';
Expand Down Expand Up @@ -74,19 +74,22 @@ export default defineComponent({

onMounted(() => fetchProviders());

watch(providers, () => {
providerOptions.value = providers.value
.filter((provider) => !AUTH_SSO_DRIVERS.includes(provider.driver))
.map((provider) => ({ text: formatTitle(provider.name), value: provider.name }));
providerOptions.value.unshift({ text: t('default_provider'), value: DEFAULT_AUTH_PROVIDER });
});

return { t, te, authenticated, providers, providerSelect, providerOptions, provider, driver };

async function fetchProviders() {
try {
const response = await api.get('/auth');
providers.value = response.data.data;
rijkvanzanten marked this conversation as resolved.
Show resolved Hide resolved

providerOptions.value = providers.value
.filter((provider) => !AUTH_SSO_DRIVERS.includes(provider.driver))
.map((provider) => ({ text: formatTitle(provider.name), value: provider.name }));

if (!response.data.disableDefault) {
providerOptions.value.unshift({ text: t('default_provider'), value: DEFAULT_AUTH_PROVIDER });
} else {
providerSelect.value = providerOptions.value[0]?.value;
}
} catch (err: any) {
unexpectedError(err);
}
Expand Down
7 changes: 4 additions & 3 deletions docs/configuration/config-options.md
View file
Open in desktop
Expand Up @@ -516,9 +516,10 @@ we recommend lowering the allowed concurrent transformations to prevent you from

## Authentication

| Variable | Description | Default Value |
| ---------------- | -------------------------------------- | ------------- |
| `AUTH_PROVIDERS` | CSV of auth providers you want to use. | -- |
| Variable | Description | Default Value |
| ---------------------- | -------------------------------------- | ------------- |
| `AUTH_PROVIDERS` | CSV of auth providers you want to use. | -- |
| `AUTH_DISABLE_DEFAULT` | Disable the default auth provider | `false` |

For each of the auth providers you list, you must provide the following configuration:

Expand Down
6 changes: 5 additions & 1 deletion docs/reference/authentication.md
View file
Open in desktop
Expand Up @@ -397,6 +397,9 @@ To learn more about setting up auth providers, see
`data` **Array**\
Array of configured auth providers.

`disableDefault` **boolean**\
Whether or not the default authentication provider is disabled.

</div>

</div>
Expand All @@ -423,7 +426,8 @@ GET /auth
"name": "Okta",
"driver": "openid"
}
]
],
"disableDefault": false
}
```

Expand Down