Implements #750 - allows hiding the username/password login form when using OIDC SSO to avoid user confusion, while maintaining security. - Added HideLocalLogin config option (env: PULSE_AUTH_HIDE_LOCAL_LOGIN) - Exposed hideLocalLogin in /api/security/status endpoint - Updated Login.tsx to conditionally hide local login form - Added escape hatch via ?show_local=true URL parameter This approach avoids the security and upgrade issues that led to DISABLE_AUTH being removed (see #707, #678), while solving the UX problem of users being confused by multiple login options. |
||
|---|---|---|
| .. | ||
| api_tokens.go | ||
| api_tokens_test.go | ||
| client_helpers.go | ||
| client_helpers_test.go | ||
| config.go | ||
| credentials.go | ||
| docker_metadata.go | ||
| export.go | ||
| guest_metadata.go | ||
| import_transaction.go | ||
| oidc.go | ||
| persistence.go | ||
| persistence_fail_test.go | ||
| persistence_test.go | ||
| registration.go | ||
| watcher.go | ||