feat(auth): add option to disable built-in login when using OIDC (#1908)

* feat(auth): disable built-in login by config

* cleanup config

* fix(web): prevent login form flash by waiting for OIDC config

* refactor(config): standardize OIDC TOML format

- Adds camelCase TOML tags to OIDC config struct while keeping mapstructure tags for backward compatibility
- Updates config template to use camelCase format

* refactor: kyles changes

* refactor: prefix disablebuiltinlogin with oidc

* docs: revert format change

---------

Co-authored-by: ze0s <43699394+zze0s@users.noreply.github.com>
This commit is contained in:
soup 2025-01-26 15:25:34 +01:00 committed by GitHub
parent 9eff694a5f
commit 024371e4eb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 192 additions and 172 deletions

View file

@ -316,35 +316,36 @@ If you are not running a reverse proxy change `host` in the `config.toml` to `0.
The following environment variables can be used:
| Variable | Description | Default |
|-------------------------------------|--------------------------------------|------------------------------------------|
| `AUTOBRR__HOST` | Listen address | `127.0.0.1` |
| `AUTOBRR__PORT` | Listen port | `7474` |
| `AUTOBRR__BASE_URL` | Base URL for reverse proxy | `/` |
| `AUTOBRR__LOG_LEVEL` | Log level (DEBUG, INFO, WARN, ERROR) | `INFO` |
| `AUTOBRR__LOG_PATH` | Log file location | `/config/logs` |
| `AUTOBRR__LOG_MAX_SIZE` | Max size in MB before rotation | `10` |
| `AUTOBRR__LOG_MAX_BACKUPS` | Number of rotated logs to keep | `5` |
| `AUTOBRR__SESSION_SECRET` | Random string for session encryption | - |
| `AUTOBRR__CUSTOM_DEFINITIONS` | Path to custom indexer definitions | - |
| `AUTOBRR__CHECK_FOR_UPDATES` | Enable update checks | `true` |
| `AUTOBRR__DATABASE_TYPE` | Database type (sqlite/postgres) | `sqlite` |
| `AUTOBRR__POSTGRES_HOST` | PostgreSQL host | - |
| `AUTOBRR__POSTGRES_PORT` | PostgreSQL port | `5432` |
| `AUTOBRR__POSTGRES_DATABASE` | PostgreSQL database name | - |
| `AUTOBRR__POSTGRES_USER` | PostgreSQL username | - |
| `AUTOBRR__POSTGRES_PASS` | PostgreSQL password | - |
| `AUTOBRR__POSTGRES_SSLMODE` | PostgreSQL SSL mode | `disable` |
| `AUTOBRR__POSTGRES_EXTRA_PARAMS` | Additional PostgreSQL parameters | - |
| `AUTOBRR__OIDC_ENABLED` | Enable OpenID Connect authentication | `false` |
| `AUTOBRR__OIDC_ISSUER` | OIDC issuer URL | - |
| `AUTOBRR__OIDC_CLIENT_ID` | OIDC client ID | - |
| `AUTOBRR__OIDC_CLIENT_SECRET` | OIDC client secret | - |
| `AUTOBRR__OIDC_REDIRECT_URL` | OIDC callback URL | `https://baseurl/api/auth/oidc/callback` |
| `AUTOBRR__METRICS_ENABLED` | Enable Metrics server | `false` |
| `AUTOBRR__METRICS_HOST` | Metrics listen address | `127.0.0.1` |
| `AUTOBRR__METRICS_PORT` | Metrics listen port | `9074` |
| `AUTOBRR__METRICS_BASIC_AUTH_USERS` | Metrics basic auth users | - |
| Variable | Description | Default |
| -------------------------------------- | -------------------------------------------------------- | ---------------------------------------- |
| `AUTOBRR__HOST` | Listen address | `127.0.0.1` |
| `AUTOBRR__PORT` | Listen port | `7474` |
| `AUTOBRR__BASE_URL` | Base URL for reverse proxy | `/` |
| `AUTOBRR__LOG_LEVEL` | Log level (DEBUG, INFO, WARN, ERROR) | `INFO` |
| `AUTOBRR__LOG_PATH` | Log file location | `/config/logs` |
| `AUTOBRR__LOG_MAX_SIZE` | Max size in MB before rotation | `10` |
| `AUTOBRR__LOG_MAX_BACKUPS` | Number of rotated logs to keep | `5` |
| `AUTOBRR__SESSION_SECRET` | Random string for session encryption | - |
| `AUTOBRR__CUSTOM_DEFINITIONS` | Path to custom indexer definitions | - |
| `AUTOBRR__CHECK_FOR_UPDATES` | Enable update checks | `true` |
| `AUTOBRR__DATABASE_TYPE` | Database type (sqlite/postgres) | `sqlite` |
| `AUTOBRR__POSTGRES_HOST` | PostgreSQL host | - |
| `AUTOBRR__POSTGRES_PORT` | PostgreSQL port | `5432` |
| `AUTOBRR__POSTGRES_DATABASE` | PostgreSQL database name | - |
| `AUTOBRR__POSTGRES_USER` | PostgreSQL username | - |
| `AUTOBRR__POSTGRES_PASS` | PostgreSQL password | - |
| `AUTOBRR__POSTGRES_SSLMODE` | PostgreSQL SSL mode | `disable` |
| `AUTOBRR__POSTGRES_EXTRA_PARAMS` | Additional PostgreSQL parameters | - |
| `AUTOBRR__OIDC_ENABLED` | Enable OpenID Connect authentication | `false` |
| `AUTOBRR__OIDC_ISSUER` | OIDC issuer URL | - |
| `AUTOBRR__OIDC_CLIENT_ID` | OIDC client ID | - |
| `AUTOBRR__OIDC_CLIENT_SECRET` | OIDC client secret | - |
| `AUTOBRR__OIDC_REDIRECT_URL` | OIDC callback URL | `https://baseurl/api/auth/oidc/callback` |
| `AUTOBRR__OIDC_DISABLE_BUILT_IN_LOGIN` | Disable login form (only works when using external auth) | `false` |
| `AUTOBRR__METRICS_ENABLED` | Enable Metrics server | `false` |
| `AUTOBRR__METRICS_HOST` | Metrics listen address | `127.0.0.1` |
| `AUTOBRR__METRICS_PORT` | Metrics listen port | `9074` |
| `AUTOBRR__METRICS_BASIC_AUTH_USERS` | Metrics basic auth users | - |
## Community