diff --git a/README.md b/README.md index 5a66578..9a7a990 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,12 @@ _The current files list when logged in_ git clone https://github.com/jackzmc/storage.git cd storage -# Configure your database (create .env file with your PostgreSQL connection) +# Copy the sample config +cp config.sample.toml config.toml +# Edit the config.toml or provide the equivalant settings with env +# ex: [auth.oidc] ---> STORAGE_auth.oidc.issuer__url +# issuer-url +# Configure your database (requires to be set by env for now) echo "DATABASE_URL=postgres://username:password@localhost" > .env # Build the project @@ -52,12 +57,18 @@ Rough roadmap in a rough order of priority * [ ] WebDAV Support * [ ] Email support (for password resets, user invites) + * [ ] Email sender utility + * [ ] Individual email actions * [ ] SSO Support (openid) + * [x] Basic implementation + * [ ] User mapping + * [ ] User creation + * [ ] User logout +* [ ] S3 backend support * [ ] Administration panel * [ ] Add storage backends * [ ] Manage users * [ ] Change app settings -* [ ] S3 backend support ## Documentation diff --git a/src/config.rs b/src/config.rs index 7705a22..3becf34 100644 --- a/src/config.rs +++ b/src/config.rs @@ -2,7 +2,7 @@ use std::collections::HashMap; use std::env::var; use figment::Figment; use figment::providers::{Env, Format, Toml}; -use log::error; +use log::{debug, error}; use openidconnect::core::{CoreClient, CoreProviderMetadata}; use openidconnect::IssuerUrl; use openidconnect::url::Url; @@ -55,6 +55,12 @@ pub struct AuthConfig { pub oidc: Option, } +impl AuthConfig { + pub fn oidc_enabled(&self) -> bool { + self.oidc.as_ref().map(|o| o.enabled).unwrap_or(false) + } +} + #[derive(Debug, Serialize, Deserialize, Clone)] #[serde(rename_all = "kebab-case")] pub struct OidcConfig { diff --git a/src/routes/ui/auth/login.rs b/src/routes/ui/auth/login.rs index a7e1568..d19c1b2 100644 --- a/src/routes/ui/auth/login.rs 
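Review bot: `oidc_enabled()` in the new `impl AuthConfig` block of src/config.rs has no doc comment, and the fact that it fails closed is exactly what a caller needs to know. I would add `/// Returns true only when an OIDC section is configured and its enabled flag is set; a missing section counts as disabled.` above the method. If the project's toolchain is Rust 1.70 or newer, the body can read `self.oidc.as_ref().is_some_and(|o| o.enabled)`, which states the same condition without the `map`/`unwrap_or(false)` pair.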
+++ b/src/routes/ui/auth/login.rs @@ -6,6 +6,7 @@ use rocket::http::{Header, Status}; use rocket_dyn_templates::{context, Template}; use rocket_session_store::Session; use crate::{GlobalMetadata, LoginSessionData, SessionData, DB}; +use crate::config::AppConfig; use crate::consts::{APP_METADATA, DISABLE_LOGIN_CHECK}; use crate::models::user::validate_user_form; use crate::routes::ui::auth::HackyRedirectBecauseRocketBug; @@ -16,7 +17,8 @@ pub async fn page( route: &Route, session: Session<'_, SessionData>, return_to: Option, - logged_out: Option + logged_out: Option, + settings: &State, ) -> Template { // TODO: redirect if already logged in let csrf_token = set_csrf(&session).await; @@ -26,7 +28,8 @@ pub async fn page( form: &Context::default(), return_to, logged_out, - meta: APP_METADATA.clone() + meta: APP_METADATA.clone(), + sso_enabled: settings.auth.oidc_enabled() }) } @@ -50,6 +53,7 @@ pub async fn handler( ip_addr: IpAddr, session: Session<'_, SessionData>, mut form: Form>>, + settings: &State, return_to: Option, ) -> Result { trace!("handler"); @@ -87,7 +91,8 @@ pub async fn handler( csrf_token: csrf_token, form: &form.context, return_to, - meta: APP_METADATA.clone() + meta: APP_METADATA.clone(), + sso_enabled: settings.auth.oidc_enabled() }; Err(Template::render("auth/login", &ctx)) } \ No newline at end of file diff --git a/templates/auth/login.html.hbs b/templates/auth/login.html.hbs index 0ad8b67..38dd43a 100644 --- a/templates/auth/login.html.hbs +++ b/templates/auth/login.html.hbs @@ -58,7 +58,7 @@
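Review bot: `sso_enabled: settings.auth.oidc_enabled()` in the `page` context, and again in the error-path context of `handler`, only controls whether the template renders the SSO link. The OIDC route handlers are not part of this diff, so it cannot be confirmed here that they reject requests when OIDC is disabled. They should check the same helper, because hiding the link does not by itself turn the feature off. A short comment at both sites would record that, for example `// UI hint only: the OIDC routes must enforce oidc_enabled() themselves`. Both functions extend beyond the hunks shown.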
{{#if sso_enabled}} - Login with SSO + Login with SSO {{/if}}