From 012b338c7bde69c9fe2b78f817d954add7719a35 Mon Sep 17 00:00:00 2001
From: Stefano Alberto Russo <stefano.russo@gmail.com>
Date: Wed, 9 Feb 2022 00:11:42 +0100
Subject: [PATCH] Added the DISABLE_LOCAL_AUTH conf to the README and fixed an
 inconsistent behaviour in the login page.

---
 README.md                                      | 1 +
 services/webapp/code/rosetta/core_app/views.py | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/README.md b/README.md
index f5cd4c7..da97ed2 100755
--- a/README.md
+++ b/README.md
@@ -64,6 +64,7 @@ Example Webapp configuraion:
       - OIDC_OP_AUTHORIZATION_ENDPOINT=""
       - OIDC_OP_TOKEN_ENDPOINT=""
       - OIDC_OP_JWKS_ENDPOINT=""
+      - DISABLE_LOCAL_AUTH=False
  
 In Rosetta, only power users can:
 
diff --git a/services/webapp/code/rosetta/core_app/views.py b/services/webapp/code/rosetta/core_app/views.py
index 3961f73..0f53b84 100644
--- a/services/webapp/code/rosetta/core_app/views.py
+++ b/services/webapp/code/rosetta/core_app/views.py
@@ -36,6 +36,11 @@ def login_view(request):
     # If authenticated user reloads the main URL
     if request.method == 'GET' and request.user.is_authenticated:
         return HttpResponseRedirect('/main/')
+    else:
+        # If local auth disabled, just render login page
+        # (will be rendered an open id connect url only)
+        if settings.DISABLE_LOCAL_AUTH:
+            return render(request, 'login.html', {'data': data})
 
     # If unauthenticated user tries to log in
     if request.method == 'POST':
-- 
GitLab