Disable Authentication & Login Page Rework (#619)

* Implemented the ability to disable authentication on a server instance. Admins will require authentication, but non-admin accounts can be setup without any password requirements. * WIP for new login page. * Reworked code to handle disabled auth better. First time user flow is moved into the user login component. * Removed debug code * Removed home component, shakeout testing is complete. * remove a file accidently committed * Fixed a code smell from last PR * Code smells
2021-10-02 09:23:58 -07:00 · 2021-10-02 09:23:58 -07:00 · a5b6bf1b52
commit a5b6bf1b52
parent 83d76982f4
36 changed files with 376 additions and 174 deletions
--- a/API/Controllers/SettingsController.cs
+++ b/API/Controllers/SettingsController.cs
@ -8,6 +8,8 @@ using API.Entities.Enums;
 using API.Extensions;
 using API.Helpers.Converters;
 using API.Interfaces;
+using API.Interfaces.Services;
+using API.Services;
 using Kavita.Common;
 using Kavita.Common.Extensions;
 using Microsoft.AspNetCore.Authorization;
@ -21,12 +23,14 @@ namespace API.Controllers
        private readonly ILogger<SettingsController> _logger;
        private readonly IUnitOfWork _unitOfWork;
        private readonly ITaskScheduler _taskScheduler;
+        private readonly IAccountService _accountService;

-        public SettingsController(ILogger<SettingsController> logger, IUnitOfWork unitOfWork, ITaskScheduler taskScheduler)
+        public SettingsController(ILogger<SettingsController> logger, IUnitOfWork unitOfWork, ITaskScheduler taskScheduler, IAccountService accountService)
        {
            _logger = logger;
            _unitOfWork = unitOfWork;
            _taskScheduler = taskScheduler;
+            _accountService = accountService;
        }

        [Authorize(Policy = "RequireAdminRole")]
@ -57,6 +61,7 @@ namespace API.Controllers

            // We do not allow CacheDirectory changes, so we will ignore.
            var currentSettings = await _unitOfWork.SettingsRepository.GetSettingsAsync();
+            var updateAuthentication = false;

            foreach (var setting in currentSettings)
            {
@ -93,6 +98,13 @@ namespace API.Controllers
                    _unitOfWork.SettingsRepository.Update(setting);
                }

+                if (setting.Key == ServerSettingKey.EnableAuthentication && updateSettingsDto.EnableAuthentication + string.Empty != setting.Value)
+                {
+                    setting.Value = updateSettingsDto.EnableAuthentication + string.Empty;
+                    _unitOfWork.SettingsRepository.Update(setting);
+                    updateAuthentication = true;
+                }
+
                if (setting.Key == ServerSettingKey.AllowStatCollection && updateSettingsDto.AllowStatCollection + string.Empty != setting.Value)
                {
                    setting.Value = updateSettingsDto.AllowStatCollection + string.Empty;
@ -110,12 +122,33 @@ namespace API.Controllers

            if (!_unitOfWork.HasChanges()) return Ok("Nothing was updated");

-            if (!_unitOfWork.HasChanges() || !await _unitOfWork.CommitAsync())
+            try
            {
+                await _unitOfWork.CommitAsync();
+
+                if (updateAuthentication)
+                {
+                    var users = await _unitOfWork.UserRepository.GetNonAdminUsersAsync();
+                    foreach (var user in users)
+                    {
+                        var errors = await _accountService.ChangeUserPassword(user, AccountService.DefaultPassword);
+                        if (!errors.Any()) continue;
+
+                        await _unitOfWork.RollbackAsync();
+                        return BadRequest(errors);
+                    }
+
+                    _logger.LogInformation("Server authentication changed. Updated all non-admins to default password");
+                }
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "There was an exception when updating server settings");
                await _unitOfWork.RollbackAsync();
                return BadRequest("There was a critical issue. Please try again.");
            }

+
            _logger.LogInformation("Server Settings updated");
            _taskScheduler.ScheduleTasks();
            return Ok(updateSettingsDto);
@ -148,5 +181,12 @@ namespace API.Controllers
            var settingsDto = await _unitOfWork.SettingsRepository.GetSettingsDtoAsync();
            return Ok(settingsDto.EnableOpds);
        }
+
+        [HttpGet("authentication-enabled")]
+        public async Task<ActionResult<bool>> GetAuthenticationEnabled()
+        {
+            var settingsDto = await _unitOfWork.SettingsRepository.GetSettingsDtoAsync();
+            return Ok(settingsDto.EnableAuthentication);
+        }
    }
 }