Adds a global admin setting to hide the username/password form on the
login page, useful for deployments that rely solely on SSO/OIDC or
passkeys. The form defaults to enabled so existing deployments are
unaffected.
Changes:
- Add PASSWORD_LOGIN_ENABLED_KEY constant
- Add isPasswordLoginEnabled / setPasswordLoginEnabled to system service
(defaults to true when no DB record exists)
- Add GET/PUT /api/v1/system/password-login-status endpoints (GET
auth-gated for admin use; setting is exposed to the login page via
the existing getLoginOptions server function)
- Extend getLoginOptions to include passwordLoginEnabled
- Conditionally render the password login form in LoginPage
- Add "Enable password login" toggle in the admin System Settings tab,
next to "Enable new user registrations"
- Add corresponding entries to generated API client files
(types.gen.ts, sdk.gen.ts, @tanstack/react-query.gen.ts)
Closes#941
* refactor(agent): store SFTP volume keys in tmp
* refactor: store temp keys in /run/zerobyte subfolders
* fix(restic): clean temp secrets dir on env setup failure
* fix: one secrets temp dir per env building
* feat: edit repository form
* refactor: local repo path concat as a code migration
* refactor: server constants
* chore: fix lint issue in test file
* refactor: add auth to getServerConstants
* test(e2e): admin user registration
* ci: e2e workflow
* feat: disable rate limiting env var
* test(e2e): fix order of execution in registration tests
* ci: run e2e tests before release
* test: backups service
* refactor: create hono app in a separate file
To avoid side effects like db migration or startup scripts when testing
test(backups): add security tests to the backups controller
* ci: run typechecks, build and tests on PR
* test: controllers security tests
* chore: update lock file
* refactor: pr feedbacks
* refactor: use short ids to allow changing the name of volumes & repos
* refactor: address PR feedbacks
* fix: make short_id non null after initial population