Add sso button on login if enabled

README.md

@@ -33,7 +33,12 @@ _The current files list when logged in_
 git clone https://github.com/jackzmc/storage.git
 cd storage
 
-# Configure your database (create .env file with your PostgreSQL connection)
+# Copy the sample config
+cp config.sample.toml config.toml
+# Edit the config.toml or provide the equivalant settings with env
+# ex: [auth.oidc]  ---> STORAGE_auth.oidc.issuer__url
+#     issuer-url
+# Configure your database (requires to be set by env for now)
 echo "DATABASE_URL=postgres://username:password@localhost" > .env
 
 # Build the project
@@ -52,12 +57,18 @@ Rough roadmap in a rough order of priority
 
 * [ ] WebDAV Support
 * [ ] Email support (for password resets, user invites)
+  * [ ] Email sender utility
+  * [ ] Individual email actions
 * [ ] SSO Support (openid)
+  * [x] Basic implementation
+  * [ ] User mapping
+  * [ ] User creation
+  * [ ] User logout
+* [ ] S3 backend support
 * [ ] Administration panel
   * [ ] Add storage backends
   * [ ] Manage users
   * [ ] Change app settings
-* [ ] S3 backend support
   
 ## Documentation
 

src/config.rs

@@ -2,7 +2,7 @@ use std::collections::HashMap;
 use std::env::var;
 use figment::Figment;
 use figment::providers::{Env, Format, Toml};
-use log::error;
+use log::{debug, error};
 use openidconnect::core::{CoreClient, CoreProviderMetadata};
 use openidconnect::IssuerUrl;
 use openidconnect::url::Url;
@@ -55,6 +55,12 @@ pub struct AuthConfig {
     pub oidc: Option<OidcConfig>,
 }
 
+impl AuthConfig {
+    pub fn oidc_enabled(&self) -> bool {
+        self.oidc.as_ref().map(|o| o.enabled).unwrap_or(false)
+    }
+}
+
 #[derive(Debug, Serialize, Deserialize, Clone)]
 #[serde(rename_all = "kebab-case")]
 pub struct OidcConfig {

src/routes/ui/auth/login.rs

@@ -6,6 +6,7 @@ use rocket::http::{Header, Status};
 use rocket_dyn_templates::{context, Template};
 use rocket_session_store::Session;
 use crate::{GlobalMetadata, LoginSessionData, SessionData, DB};
+use crate::config::AppConfig;
 use crate::consts::{APP_METADATA, DISABLE_LOGIN_CHECK};
 use crate::models::user::validate_user_form;
 use crate::routes::ui::auth::HackyRedirectBecauseRocketBug;
@@ -16,7 +17,8 @@ pub async fn page(
     route: &Route,
     session: Session<'_, SessionData>,
     return_to: Option<String>,
-    logged_out: Option<bool>
+    logged_out: Option<bool>,
+    settings: &State<AppConfig>,
 ) -> Template {
     // TODO: redirect if already logged in
     let csrf_token = set_csrf(&session).await;
@@ -26,7 +28,8 @@ pub async fn page(
         form: &Context::default(),
         return_to,
         logged_out,
-        meta: APP_METADATA.clone()
+        meta: APP_METADATA.clone(),
+        sso_enabled: settings.auth.oidc_enabled()
     })
 }
 
@@ -50,6 +53,7 @@ pub async fn handler(
     ip_addr: IpAddr,
     session: Session<'_, SessionData>,
     mut form: Form<Contextual<'_, LoginForm<'_>>>,
+    settings: &State<AppConfig>,
     return_to: Option<String>,
 ) -> Result<HackyRedirectBecauseRocketBug, Template> {
     trace!("handler");
@@ -87,7 +91,8 @@ pub async fn handler(
         csrf_token: csrf_token,
         form: &form.context,
         return_to,
-        meta: APP_METADATA.clone()
+        meta: APP_METADATA.clone(),
+        sso_enabled: settings.auth.oidc_enabled()
     };
     Err(Template::render("auth/login", &ctx))
 }

templates/auth/login.html.hbs

@@ -58,7 +58,7 @@
                 <div class="buttons">
                     <button class="button is-link is-fullwidth" type="submit" >Login</button>
                     {{#if sso_enabled}}
-                    <a href="/login/sso" class="button is-fullwidth">Login with SSO</a>
+                    <a href="/auth/sso" class="button is-fullwidth">Login with SSO</a>
                     {{/if}}
                 </div>
             </form>