feat(auth): add option to disable built-in login when using OIDC (#1908)

* feat(auth): disable built-in login by config * cleanup config * fix(web): prevent login form flash by waiting for OIDC config * refactor(config): standardize OIDC TOML format - Adds camelCase TOML tags to OIDC config struct while keeping mapstructure tags for backward compatibility - Updates config template to use camelCase format * refactor: kyles changes * refactor: prefix disablebuiltinlogin with oidc * docs: revert format change --------- Co-authored-by: ze0s <43699394+zze0s@users.noreply.github.com>
2025-07-23 08:49:13 +00:00 · 2025-01-26 15:25:34 +01:00 · 2025-01-26 15:25:34 +01:00 · 024371e4eb
commit 024371e4eb
parent 9eff694a5f
7 changed files with 192 additions and 172 deletions
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -112,19 +112,22 @@ sessionSecret = "{{ .sessionSecret }}"
 # OpenID Connect Configuration
 #
 # Enable OIDC authentication
-#oidc_enabled = false
+#oidcEnabled = false
 #
 # OIDC Issuer URL (e.g. https://auth.example.com)
-#oidc_issuer = ""
+#oidcIssuer = ""
 #
 # OIDC Client ID
-#oidc_client_id = ""
+#oidcClientId = ""
 #
 # OIDC Client Secret
-#oidc_client_secret = ""
+#oidcClientSecret = ""
 #
 # OIDC Redirect URL (e.g. http://localhost:7474/api/auth/oidc/callback)
-#oidc_redirect_url = ""
+#oidcRedirectUrl = ""
+#
+# Disable Built In Login Form (only works when using external auth)
+#oidcDisableBuiltInLogin = false

 # Metrics
 #
@ -432,6 +435,10 @@ func (c *AppConfig) loadFromEnv() {
 		c.Config.OIDCRedirectURL = v
 	}

+	if v := os.Getenv(prefix + "OIDC_DISABLE_BUILT_IN_LOGIN"); v != "" {
+		c.Config.OIDCDisableBuiltInLogin = strings.EqualFold(strings.ToLower(v), "true")
+	}
+
 	if v := os.Getenv(prefix + "METRICS_ENABLED"); v != "" {
 		c.Config.MetricsEnabled = strings.EqualFold(strings.ToLower(v), "true")
 	}