Disable Authentication & Login Page Rework (#619)

* Implemented the ability to disable authentication on a server instance. Admins will require authentication, but non-admin accounts can be setup without any password requirements.

* WIP for new login page.

* Reworked code to handle disabled auth better. First time user flow is moved into the user login component.

* Removed debug code

* Removed home component, shakeout testing is complete.

* remove a file accidently committed

* Fixed a code smell from last PR

* Code smells

UI/Web/src/app/admin/_models/server-settings.ts

@@ -6,4 +6,5 @@ export interface ServerSettings {
     port: number;
     allowStatCollection: boolean;
     enableOpds: boolean;
+    enableAuthentication: boolean;
 }

UI/Web/src/app/admin/manage-settings/manage-settings.component.html

@@ -42,6 +42,15 @@
             </div>
         </div>
 
+        <div class="form-group">
+            <label for="authentication" aria-describedby="authentication-info">Authentication</label>
+            <p class="accent" id="authentication-info">By disabling authentication, all non-admin users will be able to login by just their username. No password will be required to authenticate.</p>
+            <div class="form-check">
+                <input id="authentication" type="checkbox" aria-label="User Authentication" class="form-check-input" formControlName="enableAuthentication">
+                <label for="authentication" class="form-check-label">Enable Authentication</label>
+            </div>
+        </div>
+
         <h4>Reoccuring Tasks</h4>
         <div class="form-group">
             <label for="settings-tasks-scan">Library Scan</label>&nbsp;<i class="fa fa-info-circle" placement="right" [ngbTooltip]="taskScanTooltip" role="button" tabindex="0"></i>

UI/Web/src/app/admin/manage-settings/manage-settings.component.ts

@@ -2,6 +2,7 @@ import { Component, OnInit } from '@angular/core';
 import { FormGroup, FormControl, Validators } from '@angular/forms';
 import { ToastrService } from 'ngx-toastr';
 import { take } from 'rxjs/operators';
+import { ConfirmService } from 'src/app/shared/confirm.service';
 import { SettingsService } from '../settings.service';
 import { ServerSettings } from '../_models/server-settings';
 
@@ -17,7 +18,7 @@ export class ManageSettingsComponent implements OnInit {
   taskFrequencies: Array<string> = [];
   logLevels: Array<string> = [];
 
-  constructor(private settingsService: SettingsService, private toastr: ToastrService) { }
+  constructor(private settingsService: SettingsService, private toastr: ToastrService, private confirmService: ConfirmService) { }
 
   ngOnInit(): void {
     this.settingsService.getTaskFrequencies().pipe(take(1)).subscribe(frequencies => {
@@ -35,6 +36,7 @@ export class ManageSettingsComponent implements OnInit {
       this.settingsForm.addControl('loggingLevel', new FormControl(this.serverSettings.loggingLevel, [Validators.required]));
       this.settingsForm.addControl('allowStatCollection', new FormControl(this.serverSettings.allowStatCollection, [Validators.required]));
       this.settingsForm.addControl('enableOpds', new FormControl(this.serverSettings.enableOpds, [Validators.required]));
+      this.settingsForm.addControl('enableAuthentication', new FormControl(this.serverSettings.enableAuthentication, [Validators.required]));
     });
   }
 
@@ -46,15 +48,28 @@ export class ManageSettingsComponent implements OnInit {
     this.settingsForm.get('loggingLevel')?.setValue(this.serverSettings.loggingLevel);
     this.settingsForm.get('allowStatCollection')?.setValue(this.serverSettings.allowStatCollection);
     this.settingsForm.get('enableOpds')?.setValue(this.serverSettings.enableOpds);
+    this.settingsForm.get('enableAuthentication')?.setValue(this.serverSettings.enableAuthentication);
   }
 
-  saveSettings() {
+  async saveSettings() {
     const modelSettings = this.settingsForm.value;
 
-    this.settingsService.updateServerSettings(modelSettings).pipe(take(1)).subscribe((settings: ServerSettings) => {
+    if (this.settingsForm.get('enableAuthentication')?.value === false) {
+      if (!await this.confirmService.confirm('Disabling Authentication opens your server up to unauthorized access and possible hacking. Are you sure you want to continue with this?')) {
+        return;
+      }
+    }
+
+    const informUserAfterAuthenticationEnabled = this.settingsForm.get('enableAuthentication')?.value && !this.serverSettings.enableAuthentication;
+
+    this.settingsService.updateServerSettings(modelSettings).pipe(take(1)).subscribe(async (settings: ServerSettings) => {
       this.serverSettings = settings;
       this.resetForm();
       this.toastr.success('Server settings updated');
+
+      if (informUserAfterAuthenticationEnabled) {
+        await this.confirmService.alert('You have just re-enabled authentication. All non-admin users have been re-assigned a password of "[k.2@RZ!mxCQkJzE". This is a publicly known password. Please change their users passwords or request them to.');
+      }
     }, (err: any) => {
       console.error('error: ', err);
     });

UI/Web/src/app/admin/manage-users/manage-users.component.ts

@@ -77,7 +77,7 @@ export class ManageUsersComponent implements OnInit, OnDestroy {
     this.createMemberToggle = true;
   }
 
-  onMemberCreated(success: boolean) {
+  onMemberCreated(createdUser: User | null) {
     this.createMemberToggle = false;
     this.loadMembers();
   }

UI/Web/src/app/admin/settings.service.ts

@@ -35,4 +35,8 @@ export class SettingsService {
   getOpdsEnabled() {
     return this.http.get<boolean>(this.baseUrl + 'settings/opds-enabled', {responseType: 'text' as 'json'});
   }
+
+  getAuthenticationEnabled() {
+    return this.http.get<boolean>(this.baseUrl + 'settings/authentication-enabled', {responseType: 'text' as 'json'});
+  }
 }