From 22c57424af4d0cd8d87ecf37b56374750c6e67a9 Mon Sep 17 00:00:00 2001 From: Paul O'Fallon Date: Sun, 9 Apr 2023 21:56:28 -0400 Subject: [PATCH 1/4] Always redirect to login provider when autoLogin is set --- server/controllers/common.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/server/controllers/common.js b/server/controllers/common.js index 55cc4d33..02a07aac 100644 --- a/server/controllers/common.js +++ b/server/controllers/common.js @@ -450,6 +450,9 @@ router.get('/*', async (req, res, next) => { if (pageArgs.path === 'home' && req.user.id === 2) { return res.redirect('/login') } + if (WIKI.config.auth.autoLogin && req.user.id === 2) { + return res.redirect('/login') + } _.set(res.locals, 'pageMeta.title', 'Unauthorized') return res.status(403).render('unauthorized', { action: 'view' From d13dd7ae0ca6d06d96a086ab24437320f5aedb79 Mon Sep 17 00:00:00 2001 From: Paul O'Fallon Date: Sun, 7 May 2023 16:57:42 -0400 Subject: [PATCH 2/4] Add new admin configuration option --- client/components/admin/admin-security.vue | 14 ++++++++++++++ server/app/data.yml | 1 + server/controllers/common.js | 2 +- server/graph/resolvers/site.js | 2 ++ server/graph/schemas/site.graphql | 2 ++ 5 files changed, 20 insertions(+), 1 deletion(-) diff --git a/client/components/admin/admin-security.vue b/client/components/admin/admin-security.vue index 7a8d305b..20aaf5d4 100644 --- a/client/components/admin/admin-security.vue +++ b/client/components/admin/admin-security.vue @@ -196,6 +196,15 @@ persistent-hint :hint='$t(`admin:security.hideLocalLoginHint`)' ) + v-switch( + inset + :label='$t(`admin:security.startGuestAuth`)' + color='primary' + v-model='config.authGuestLogin' + prepend-icon='mdi-login-variant' + persistent-hint + :hint='$t(`admin:security.startGuestAuthHint`)' + ) v-divider.mt-3 .overline.grey--text.pa-4 {{$t('admin:security.loginSecurity')}} .px-4.pb-3 @@ -272,6 +281,7 @@ export default { securityCSP: false, securityCSPDirectives: '', authAutoLogin: false, + authGuestLogin: false, authHideLocal: false, authLoginBgUrl: '', authJwtAudience: 'urn:wiki.js', @@ -298,6 +308,7 @@ export default { mutation: gql` mutation ( $authAutoLogin: Boolean + $authGuestLogin: Boolean $authEnforce2FA: Boolean $authHideLocal: Boolean $authLoginBgUrl: String @@ -321,6 +332,7 @@ export default { site { updateConfig( authAutoLogin: $authAutoLogin, + authGuestLogin: $authGuestLogin, authEnforce2FA: $authEnforce2FA, authHideLocal: $authHideLocal, authLoginBgUrl: $authLoginBgUrl, @@ -353,6 +365,7 @@ export default { `, variables: { authAutoLogin: _.get(this.config, 'authAutoLogin', false), + authGuestLogin: _.get(this.config, 'authGuestLogin', false), authEnforce2FA: _.get(this.config, 'authEnforce2FA', false), authHideLocal: _.get(this.config, 'authHideLocal', false), authLoginBgUrl: _.get(this.config, 'authLoginBgUrl', ''), @@ -406,6 +419,7 @@ export default { site { config { authAutoLogin + authGuestLogin authEnforce2FA authHideLocal authLoginBgUrl diff --git a/server/app/data.yml b/server/app/data.yml index 7c3d0803..5a3c7fb7 100644 --- a/server/app/data.yml +++ b/server/app/data.yml @@ -63,6 +63,7 @@ defaults: tocPosition: 'left' auth: autoLogin: false + guestLogin: false enforce2FA: false hideLocal: false loginBgUrl: '' diff --git a/server/controllers/common.js b/server/controllers/common.js index 02a07aac..ec8bdfb7 100644 --- a/server/controllers/common.js +++ b/server/controllers/common.js @@ -450,7 +450,7 @@ router.get('/*', async (req, res, next) => { if (pageArgs.path === 'home' && req.user.id === 2) { return res.redirect('/login') } - if (WIKI.config.auth.autoLogin && req.user.id === 2) { + if (WIKI.config.auth.guestLogin && req.user.id === 2) { return res.redirect('/login') } _.set(res.locals, 'pageMeta.title', 'Unauthorized') diff --git a/server/graph/resolvers/site.js b/server/graph/resolvers/site.js index 27cd340c..61225d23 100644 --- a/server/graph/resolvers/site.js +++ b/server/graph/resolvers/site.js @@ -25,6 +25,7 @@ module.exports = { ...WIKI.config.features, ...WIKI.config.security, authAutoLogin: WIKI.config.auth.autoLogin, + authGuestLogin: WIKI.config.auth.guestLogin, authEnforce2FA: WIKI.config.auth.enforce2FA, authHideLocal: WIKI.config.auth.hideLocal, authLoginBgUrl: WIKI.config.auth.loginBgUrl, @@ -82,6 +83,7 @@ module.exports = { WIKI.config.auth = { autoLogin: _.get(args, 'authAutoLogin', WIKI.config.auth.autoLogin), + guestLogin: _.get(args, 'authGuestLogin', WIKI.config.auth.guestLogin), enforce2FA: _.get(args, 'authEnforce2FA', WIKI.config.auth.enforce2FA), hideLocal: _.get(args, 'authHideLocal', WIKI.config.auth.hideLocal), loginBgUrl: _.get(args, 'authLoginBgUrl', WIKI.config.auth.loginBgUrl), diff --git a/server/graph/schemas/site.graphql b/server/graph/schemas/site.graphql index 29370f20..0d6e99e4 100644 --- a/server/graph/schemas/site.graphql +++ b/server/graph/schemas/site.graphql @@ -36,6 +36,7 @@ type SiteMutation { logoUrl: String pageExtensions: String authAutoLogin: Boolean + authGuestLogin: Boolean authEnforce2FA: Boolean authHideLocal: Boolean authLoginBgUrl: String @@ -86,6 +87,7 @@ type SiteConfig { logoUrl: String pageExtensions: String authAutoLogin: Boolean + authGuestLogin: Boolean authEnforce2FA: Boolean authHideLocal: Boolean authLoginBgUrl: String From 4a589bab3d45dfaee6ee64f4d533bb0252d7a2aa Mon Sep 17 00:00:00 2001 From: Paul O'Fallon Date: Sun, 7 May 2023 21:24:17 -0400 Subject: [PATCH 3/4] Move label and hint into comments Since leaving them in the v-switch without values breaks the switch. --- client/components/admin/admin-security.vue | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/components/admin/admin-security.vue b/client/components/admin/admin-security.vue index 20aaf5d4..693afe05 100644 --- a/client/components/admin/admin-security.vue +++ b/client/components/admin/admin-security.vue @@ -196,14 +196,14 @@ persistent-hint :hint='$t(`admin:security.hideLocalLoginHint`)' ) + //- :label='$t(`admin:security.startGuestAuth`)' + //- :hint='$t(`admin:security.startGuestAuthHint`)' v-switch( inset - :label='$t(`admin:security.startGuestAuth`)' color='primary' v-model='config.authGuestLogin' prepend-icon='mdi-login-variant' persistent-hint - :hint='$t(`admin:security.startGuestAuthHint`)' ) v-divider.mt-3 .overline.grey--text.pa-4 {{$t('admin:security.loginSecurity')}} From aab9050afee40f5fc6816b6e1578e80a91f94f0b Mon Sep 17 00:00:00 2001 From: Paul O'Fallon Date: Sun, 7 May 2023 21:24:37 -0400 Subject: [PATCH 4/4] Change icon so it doesn't overlap with "Exit" --- client/components/admin/admin-security.vue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/components/admin/admin-security.vue b/client/components/admin/admin-security.vue index 693afe05..cf498750 100644 --- a/client/components/admin/admin-security.vue +++ b/client/components/admin/admin-security.vue @@ -202,7 +202,7 @@ inset color='primary' v-model='config.authGuestLogin' - prepend-icon='mdi-login-variant' + prepend-icon='mdi-login' persistent-hint ) v-divider.mt-3