feat(xo-server): configurable sign in page (#4678)

See xoa-support#1940

CHANGELOG.unreleased.md

@@ -9,6 +9,7 @@
 
 - [Backup NG] Make report recipients configurable in the backup settings [#4581](https://github.com/vatesfr/xen-orchestra/issues/4581) (PR [#4646](https://github.com/vatesfr/xen-orchestra/pull/4646))
 - [SAML] Setting to disable requested authentication context (helps with _Active Directory_) (PR [#4675](https://github.com/vatesfr/xen-orchestra/pull/4675))
+- The default sign-in page can be configured via `authentication.defaultSignInPage` (PR [#4678](https://github.com/vatesfr/xen-orchestra/pull/4678))
 
 ### Bug fixes
 

packages/xo-server/config.toml

@@ -50,6 +50,12 @@ maxTokenValidity = '0.5 year'
 # https://developer.mozilla.org/fr/docs/Web/HTTP/Headers/Set-Cookie#Session_cookie
 #sessionCookieValidity = '10 hours'
 
+# This is the page where unauthenticated users will be redirected to.
+#
+# For instance, it can be changed to `/signin/saml` if that's the provider that
+# should be used by default.
+defaultSignInPage = '/signin'
+
 [backup]
 # Delay for which backups listing on a remote is cached
 listingDebounce = '1 min'

packages/xo-server/src/index.js

@@ -237,7 +237,7 @@ async function setUpPassport(express, xo, { authentication: authCfg }) {
       next()
     } else {
       req.flash('return-url', url)
-      return res.redirect('/signin')
+      return res.redirect(authCfg.defaultSignInPage)
     }
   })