From 5a62ae5cbf47cf6537f6c95aba4b1d04dea5f5af Mon Sep 17 00:00:00 2001 From: zeripath Date: Sat, 19 Oct 2019 15:27:15 +0100 Subject: Add setting to disable BASIC authentication (#8586) Closes #8561. --- modules/auth/auth.go | 3 +++ modules/setting/service.go | 2 ++ 2 files changed, 5 insertions(+) (limited to 'modules') diff --git a/modules/auth/auth.go b/modules/auth/auth.go index 624bb15cbf..1ba149f0f8 100644 --- a/modules/auth/auth.go +++ b/modules/auth/auth.go @@ -224,6 +224,9 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool) } if u == nil { + if !setting.Service.EnableBasicAuth { + return nil, false + } u, err = models.UserSignIn(uname, passwd) if err != nil { if !models.IsErrUserNotExist(err) { diff --git a/modules/setting/service.go b/modules/setting/service.go index 905b1326f7..dea4081ee8 100644 --- a/modules/setting/service.go +++ b/modules/setting/service.go @@ -23,6 +23,7 @@ var Service struct { ShowRegistrationButton bool RequireSignInView bool EnableNotifyMail bool + EnableBasicAuth bool EnableReverseProxyAuth bool EnableReverseProxyAutoRegister bool EnableReverseProxyEmail bool @@ -60,6 +61,7 @@ func newService() { Service.EmailDomainWhitelist = sec.Key("EMAIL_DOMAIN_WHITELIST").Strings(",") Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!(Service.DisableRegistration || Service.AllowOnlyExternalRegistration)) Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool() + Service.EnableBasicAuth = sec.Key("ENABLE_BASIC_AUTHENTICATION").MustBool(true) Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool() Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool() Service.EnableReverseProxyEmail = sec.Key("ENABLE_REVERSE_PROXY_EMAIL").MustBool() -- cgit v1.2.3