User activation and management should not ask for password when using OAuth #11774
Description
Bug description
When statamic is configured with OAuth authentication and disabled E-Mail login, the user is still asked for a password and CP users can change password or send password reset emails.
How to reproduce
Configuration
- Configure and Enable OAuth login
- Disable Password Login (
statamic.oauth.email_login_enabled)
User management
- Open CP
- Go to User management
- User action drop down has a "Send password reset" action
- Open user detail
- "Change password" and "Send password reset" features are available
Expected: As the user will never use a password in the systems, these options should be disabled/removed.
User activation
- Create a new user in the CP
- Open the activation link
- Form with password reset is displayed
- If the user fills out the form he is logged in
Expected: The user should not need to set a password. The user must be authenticated via the OAuth provider.
Logs
Environment
Environment
Application Name: Changed
Laravel Version: 11.44.7
PHP Version: 8.3.19
Composer Version: 2.7.7
Environment: local
Debug Mode: ENABLED
URL: localhost:8000
Maintenance Mode: OFF
Timezone: Europe/Zurich
Locale: en
Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: CACHED
Drivers
Broadcasting: null
Cache: file
Database: mysql
Logs: stack / daily
Mail: log
Queue: sync
Session: file
Statamic
Addons: 3
Sites: 1
Stache Watcher: Enabled
Static Caching: Disabled
Version: 5.54.0 PRO
Statamic Addons
aerni/social-links: 3.2.0
silentz/mailchimp: 5.3.1
statamic/seo-pro: 6.6.5Installation
Fresh statamic/statamic site via CLI
Additional details
No response