feat(auth): hide password login when disable_password_auth is set (#438)#121
Open
louim wants to merge 1 commit into
Open
feat(auth): hide password login when disable_password_auth is set (#438)#121louim wants to merge 1 commit into
louim wants to merge 1 commit into
Conversation
When the backend resource endpoint reports disable_password_auth, the login view hides the username/password form, the 'or' divider and the 'Create new account' button, leaving only the configured SSO button — so SSO-only instances present a clean login. Auth options render only once the resource query has settled, so the password form never flashes before being hidden (no FOUC) on SSO-only instances. Also drops a dead setUserProfile(user) call in the post-auth effect (the symbol was removed earlier, leaving a no-undef that broke lint on this file); the profile now comes from useUserProfile(). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
When the backend reports
disable_password_auth, the login screen hides all username/password UI and shows only the SSO provider button(s). This is the client side of the SSO-only mode from #438.Part of #438. Needs the backend companion: donetick/donetick#699.
Changes
src/views/Authorization/LoginView.jsx:disable_password_auth(andisLoading) from theuseResource()hook.!resourceLoading && !resource?.disable_password_auth.resourceLoadingguard so the password form doesn't flash before the config resolves.Most of the diff is re-indentation from wrapping the existing blocks in the new conditional. The behavior change is small.
Notes
This is a UX hint only. The backend rejects password auth with a 403 on its own (see the companion PR), so the protection holds even if a client ignores the flag.
On an SSO-only instance this hides password login for all users, including managed sub-accounts, since the flag is there to route every identity through the external IdP.
Screenshots