feature: Allow disabling password signups (#413)

* [Feature Request] Allow to disable default password log in after SSO is configured #406 Added the DISABLE_LOCAL_SIGNUPS that can be used to force OAuth signups only * rename local signups to password signups --------- Co-authored-by: MohamedBassem <me@mbassem.com>
author: kamtschatka <simon.schatka@gmx.at> 2024-10-06 10:06:19 +0200
committer: GitHub <noreply@github.com> 2024-10-06 09:06:19 +0100
commit: 4a3775a9ac4242318dd7b91f0012cd756edcad7b (patch)
tree: 21811c995067527fa5ca0aeab22f7a28da8f1e45 /packages
parent: 8a1309536b76ba86872ca2e78aa695d9fd80c8cc (diff)
download: karakeep-4a3775a9ac4242318dd7b91f0012cd756edcad7b.tar.zst
2 files changed, 11 insertions, 2 deletions
diff --git a/packages/shared/config.ts b/packages/shared/config.ts
index b87babbd..288becab 100644
--- a/packages/shared/config.ts
+++ b/packages/shared/config.ts
@@ -10,6 +10,7 @@ const stringBool = (defaultValue: string) =>
 const allEnv = z.object({
   API_URL: z.string().url().default("http://localhost:3000"),
   DISABLE_SIGNUPS: stringBool("false"),
+  DISABLE_PASSWORD_SIGNUPS: stringBool("false"),
   OAUTH_ALLOW_DANGEROUS_EMAIL_ACCOUNT_LINKING: stringBool("false"),
   OAUTH_WELLKNOWN_URL: z.string().url().optional(),
   OAUTH_CLIENT_SECRET: z.string().optional(),
@@ -53,6 +54,7 @@ const serverConfigSchema = allEnv.transform((val) => {
     apiUrl: val.API_URL,
     auth: {
       disableSignups: val.DISABLE_SIGNUPS,
+      disablePasswordSignups: val.DISABLE_PASSWORD_SIGNUPS,
       oauth: {
         allowDangerousEmailAccountLinking:
           val.OAUTH_ALLOW_DANGEROUS_EMAIL_ACCOUNT_LINKING,
@@ -112,6 +114,7 @@ export const clientConfig = {
   demoMode: serverConfig.demoMode,
   auth: {
     disableSignups: serverConfig.auth.disableSignups,
+    disablePasswordSignups: serverConfig.auth.disablePasswordSignups,
   },
   inference: {
     inferredTagLang: serverConfig.inference.inferredTagLang,
diff --git a/packages/trpc/routers/users.ts b/packages/trpc/routers/users.ts
index ba1aee24..736e7e2f 100644
--- a/packages/trpc/routers/users.ts
+++ b/packages/trpc/routers/users.ts
@@ -29,10 +29,16 @@ export const usersAppRouter = router({
       }),
     )
     .mutation(async ({ input, ctx }) => {
-      if (serverConfig.auth.disableSignups) {
+      if (
+        serverConfig.auth.disableSignups ||
+        serverConfig.auth.disablePasswordSignups
+      ) {
+        const errorMessage = serverConfig.auth.disablePasswordSignups
+          ? "Local Signups are disabled in the server config. Use OAuth instead!"
+          : "Signups are disabled in server config";
         throw new TRPCError({
           code: "FORBIDDEN",
-          message: "Signups are disabled in server config",
+          message: errorMessage,
         });
       }
       // TODO: This is racy, but that's probably fine.
author	kamtschatka <simon.schatka@gmx.at>	2024-10-06 10:06:19 +0200
committer	GitHub <noreply@github.com>	2024-10-06 09:06:19 +0100
commit	4a3775a9ac4242318dd7b91f0012cd756edcad7b (patch)
tree	21811c995067527fa5ca0aeab22f7a28da8f1e45 /packages
parent	8a1309536b76ba86872ca2e78aa695d9fd80c8cc (diff)
download	karakeep-4a3775a9ac4242318dd7b91f0012cd756edcad7b.tar.zst