feature: Allow to disable default password login after SSO is configured. Fixes #406 (#502)

* [Feature Request] Allow to disable default password log in after SSO is configured #406
changed the flag to also disallow logging in via password
The extensions will also no longer be allowed to log in via username/password then

* [Feature Request] Allow to disable default password log in after SSO is configured #406
added the error message for OAuth

3 files changed, 18 insertions, 7 deletions

diff --git a/apps/browser-extension/src/SignInPage.tsx b/apps/browser-extension/src/SignInPage.tsx
index f1899d5a..1d849028 100644
--- a/apps/browser-extension/src/SignInPage.tsx
+++ b/apps/browser-extension/src/SignInPage.tsx
@@ -80,11 +80,7 @@ export default function SignInPage() {
       break;
   }
   if (loginError) {
-    if (loginError.data?.code == "UNAUTHORIZED") {
-      errorMessage = "Wrong username or password";
-    } else {
-      errorMessage = loginError.message;
-    }
+    errorMessage = loginError.message || "Wrong username or password";
   }
 
   return (
diff --git a/apps/web/components/signin/CredentialsForm.tsx b/apps/web/components/signin/CredentialsForm.tsx
index a35b768f..313dc7c5 100644
--- a/apps/web/components/signin/CredentialsForm.tsx
+++ b/apps/web/components/signin/CredentialsForm.tsx
@@ -35,6 +35,8 @@ function SignIn() {
   const [signinError, setSigninError] = useState("");
   const router = useRouter();
   const searchParams = useSearchParams();
+  const clientConfig = useClientConfig();
+
   const oAuthError = searchParams.get("error");
   if (oAuthError && !signinError) {
     setSigninError(`${OAUTH_FAILED} ${oAuthError}`);
@@ -44,6 +46,19 @@ function SignIn() {
     resolver: zodResolver(signInSchema),
   });
 
+  if (clientConfig.auth.disablePasswordAuth) {
+    return (
+      <>
+        {signinError && (
+          <p className="w-full text-center text-destructive">{signinError}</p>
+        )}
+        <p className="text-center">
+          Password authentication is currently disabled.
+        </p>
+      </>
+    );
+  }
+
   return (
     <Form {...form}>
       <form
@@ -234,7 +249,7 @@ export default function CredentialsForm() {
       </TabsContent>
       <TabsContent value="signup">
         {clientConfig.auth.disableSignups ||
-        clientConfig.auth.disablePasswordSignups ? (
+        clientConfig.auth.disablePasswordAuth ? (
           <p className="text-center">Signups are currently disabled.</p>
         ) : (
           <SignUp />
diff --git a/apps/web/lib/clientConfig.tsx b/apps/web/lib/clientConfig.tsx
index 90e6d35c..c5d206e3 100644
--- a/apps/web/lib/clientConfig.tsx
+++ b/apps/web/lib/clientConfig.tsx
@@ -6,7 +6,7 @@ export const ClientConfigCtx = createContext<ClientConfig>({
   demoMode: undefined,
   auth: {
     disableSignups: false,
-    disablePasswordSignups: false,
+    disablePasswordAuth: false,
   },
   inference: {
     inferredTagLang: "english",