Allow configuration to disable the username and password login interface.

Used for when admins only want users to login via OAuth.
2025-02-25 18:55:37 -06:00 · 2016-04-07 11:25:05 -07:00 · 2016-04-07 11:25:05 -07:00 · 040586604b
commit 040586604b
parent efad4bcb56
4 changed files with 14 additions and 10 deletions
--- a/pkg/api/login.go
+++ b/pkg/api/login.go
@ -29,6 +29,7 @@ func LoginView(c *middleware.Context) {
 	viewData.Settings["githubAuthEnabled"] = setting.OAuthService.GitHub
 	viewData.Settings["disableUserSignUp"] = !setting.AllowUserSignUp
 	viewData.Settings["loginHint"] = setting.LoginHint
+	viewData.Settings["oauthOnly"] = setting.DisableUserPassLogin

 	if !tryLoginUsingRememberCookie(c) {
 		c.HTML(200, VIEW_INDEX, viewData)
--- a/pkg/setting/setting.go
+++ b/pkg/setting/setting.go
@ -82,13 +82,14 @@ var (
 	ExternalEnabled      bool

 	// User settings
-	AllowUserSignUp    bool
-	AllowUserOrgCreate bool
-	AutoAssignOrg      bool
-	AutoAssignOrgRole  string
-	VerifyEmailEnabled bool
-	LoginHint          string
-	DefaultTheme       string
+	AllowUserSignUp      bool
+	AllowUserOrgCreate   bool
+	AutoAssignOrg        bool
+	AutoAssignOrgRole    string
+	VerifyEmailEnabled   bool
+	LoginHint            string
+	DefaultTheme         string
+	DisableUserPassLogin bool

 	// Http auth
 	AdminUser     string
@ -485,6 +486,7 @@ func NewConfigContext(args *CommandLineArgs) error {
 	VerifyEmailEnabled = users.Key("verify_email_enabled").MustBool(false)
 	LoginHint = users.Key("login_hint").String()
 	DefaultTheme = users.Key("default_theme").String()
+	DisableUserPassLogin = users.Key("disable_user_pass_login").MustBool(false)

 	// anonymous access
 	AnonymousEnabled = Cfg.Section("auth.anonymous").Key("enabled").MustBool(false)
--- a/public/app/core/controllers/login_ctrl.js
+++ b/public/app/core/controllers/login_ctrl.js
@ -18,6 +18,7 @@ function (angular, coreModule, config) {
    $scope.googleAuthEnabled = config.googleAuthEnabled;
    $scope.githubAuthEnabled = config.githubAuthEnabled;
    $scope.oauthEnabled = config.githubAuthEnabled || config.googleAuthEnabled;
+    $scope.oauthOnly = config.oauthOnly;
    $scope.disableUserSignUp = config.disableUserSignUp;
    $scope.loginHint     = config.loginHint;

--- a/public/app/partials/login.html
+++ b/public/app/partials/login.html
@ -17,7 +17,7 @@
 				</button>
 			</div>

-      <form name="loginForm" class="login-form gf-form-group">
+      <form name="loginForm" class="login-form gf-form-group" ng-if="!oauthOnly">
 				<div class="gf-form" ng-if="loginMode">
 					<span class="gf-form-label width-7">User</span>
 					<input type="text" name="username" class="gf-form-input max-width-14" required ng-model='formModel.user' placeholder={{loginHint}}>
@ -40,7 +40,7 @@
 			</form>

 			<div ng-if="loginMode">
-				<div class="text-center login-divider" ng-if="oauthEnabled">
+				<div class="text-center login-divider" ng-if="oauthEnabled && !oauthOnly">
 					<div class="login-divider-line">
 						<span class="login-divider-text">
 							Or login with
@ -64,7 +64,7 @@

 			<div class="clearfix"></div>

-			<div class="text-center password-recovery">
+			<div class="text-center password-recovery" ng-if="!oauthOnly">
 				<div class="text-center">
 					<a href="user/password/send-reset-email">
 						Forgot your password?