Feature disable password login (#378)

* Add admin toggle to disable password login * Update src/backend/database/routes/users.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update src/ui/main-axios.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update src/ui/Desktop/Admin/AdminSettings.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update src/backend/database/routes/users.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update src/backend/database/routes/users.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> --------- Co-authored-by: ZacharyZcR <zacharyzcr1984@gmail.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2025-10-07 19:59:44 -05:00
parent 1f614abcfc
commit 24d622d8e4
5 changed files with 124 additions and 0 deletions
--- a/src/ui/Desktop/Admin/AdminSettings.tsx
+++ b/src/ui/Desktop/Admin/AdminSettings.tsx
@@ -37,8 +37,10 @@ import { useConfirmation } from "@/hooks/use-confirmation.ts";
 import {
  getOIDCConfig,
  getRegistrationAllowed,
+  getPasswordLoginAllowed,
  getUserList,
  updateRegistrationAllowed,
+  updatePasswordLoginAllowed,
  updateOIDCConfig,
  disableOIDCConfig,
  makeUserAdmin,
@@ -62,6 +64,9 @@ export function AdminSettings({
  const [allowRegistration, setAllowRegistration] = React.useState(true);
  const [regLoading, setRegLoading] = React.useState(false);

+  const [allowPasswordLogin, setAllowPasswordLogin] = React.useState(true);
+  const [passwordLoginLoading, setPasswordLoginLoading] = React.useState(false);
+
  const [oidcConfig, setOidcConfig] = React.useState({
    client_id: "",
    client_secret: "",
@@ -141,6 +146,27 @@ export function AdminSettings({
      });
  }, []);

+  React.useEffect(() => {
+    if (isElectron()) {
+      const serverUrl = (window as any).configuredServerUrl;
+      if (!serverUrl) {
+        return;
+      }
+    }
+
+    getPasswordLoginAllowed()
+      .then((res) => {
+        if (typeof res?.allowed === "boolean") {
+          setAllowPasswordLogin(res.allowed);
+        }
+      })
+      .catch((err) => {
+        if (err.code !== "NO_SERVER_CONFIGURED") {
+          toast.error(t("admin.failedToFetchPasswordLoginStatus"));
+        }
+      });
+  }, []);
+
  const fetchUsers = async () => {
    if (isElectron()) {
      const serverUrl = (window as any).configuredServerUrl;
@@ -172,6 +198,16 @@ export function AdminSettings({
    }
  };

+  const handleTogglePasswordLogin = async (checked: boolean) => {
+    setPasswordLoginLoading(true);
+    try {
+      await updatePasswordLoginAllowed(checked);
+      setAllowPasswordLogin(checked);
+    } finally {
+      setPasswordLoginLoading(false);
+    }
+  };
+
  const handleOIDCConfigSubmit = async (e: React.FormEvent) => {
    e.preventDefault();
    setOidcLoading(true);
@@ -483,6 +519,14 @@ export function AdminSettings({
                  />
                  {t("admin.allowNewAccountRegistration")}
                </label>
+                <label className="flex items-center gap-2">
+                  <Checkbox
+                    checked={allowPasswordLogin}
+                    onCheckedChange={handleTogglePasswordLogin}
+                    disabled={passwordLoginLoading}
+                  />
+                  {t("admin.allowPasswordLogin")}
+                </label>
              </div>
            </TabsContent>

--- a/src/ui/main-axios.ts
+++ b/src/ui/main-axios.ts
@@ -1605,6 +1605,15 @@ export async function getRegistrationAllowed(): Promise<{ allowed: boolean }> {
  }
 }

+export async function getPasswordLoginAllowed(): Promise<{ allowed: boolean }> {
+  try {
+    const response = await authApi.get("/users/password-login-allowed");
+    return response.data;
+  } catch (error) {
+    handleApiError(error, "check password login status");
+  }
+}
+
 export async function getOIDCConfig(): Promise<any> {
  try {
    const response = await authApi.get("/users/oidc-config");
@@ -1752,6 +1761,19 @@ export async function updateRegistrationAllowed(
  }
 }

+export async function updatePasswordLoginAllowed(
+  allowed: boolean,
+): Promise<{ allowed: boolean }> {
+  try {
+    const response = await authApi.patch("/users/password-login-allowed", {
+      allowed,
+    });
+    return response.data;
+  } catch (error) {
+    handleApiError(error, "update password login allowed");
+  }
+}
+
 export async function updateOIDCConfig(config: any): Promise<any> {
  try {
    const response = await authApi.post("/users/oidc-config", config);