auth: disable registration on ui
diff --git a/core/auth/ui/.gitignore b/core/auth/ui/.gitignore
index dc33f72..cbfcd69 100644
--- a/core/auth/ui/.gitignore
+++ b/core/auth/ui/.gitignore
@@ -1,2 +1,3 @@
+server
server_arm64
server_amd64
diff --git a/core/auth/ui/main.go b/core/auth/ui/main.go
index 1b5f41a..7cb1f4d 100644
--- a/core/auth/ui/main.go
+++ b/core/auth/ui/main.go
@@ -28,6 +28,8 @@
var apiPort = flag.Int("api-port", 8081, "API Port to listen on")
var kratosAPI = flag.String("kratos-api", "", "Kratos API address")
+var enableRegistration = flag.Bool("enable-registration", false, "If true account registration will be enabled")
+
var ErrNotLoggedIn = errors.New("Not logged in")
//go:embed templates/*
@@ -75,20 +77,21 @@
}
type Server struct {
- r *mux.Router
- serv *http.Server
- kratos string
- hydra *HydraClient
- tmpls *Templates
+ r *mux.Router
+ serv *http.Server
+ kratos string
+ hydra *HydraClient
+ tmpls *Templates
+ enableRegistration bool
}
-func NewServer(port int, kratos string, hydra *HydraClient, tmpls *Templates) *Server {
+func NewServer(port int, kratos string, hydra *HydraClient, tmpls *Templates, enableRegistration bool) *Server {
r := mux.NewRouter()
serv := &http.Server{
Addr: fmt.Sprintf(":%d", port),
Handler: r,
}
- return &Server{r, serv, kratos, hydra, tmpls}
+ return &Server{r, serv, kratos, hydra, tmpls, enableRegistration}
}
func cacheControlWrapper(h http.Handler) http.Handler {
@@ -103,8 +106,10 @@
var staticFS = http.FS(static)
fs := http.FileServer(staticFS)
s.r.PathPrefix("/static/").Handler(cacheControlWrapper(fs))
- s.r.Path("/register").Methods(http.MethodGet).HandlerFunc(s.registerInitiate)
- s.r.Path("/register").Methods(http.MethodPost).HandlerFunc(s.register)
+ if s.enableRegistration {
+ s.r.Path("/register").Methods(http.MethodGet).HandlerFunc(s.registerInitiate)
+ s.r.Path("/register").Methods(http.MethodPost).HandlerFunc(s.register)
+ }
s.r.Path("/login").Methods(http.MethodGet).HandlerFunc(s.loginInitiate)
s.r.Path("/login").Methods(http.MethodPost).HandlerFunc(s.login)
s.r.Path("/consent").Methods(http.MethodGet).HandlerFunc(s.consent)
@@ -245,7 +250,10 @@
return
}
w.Header().Set("Content-Type", "text/html")
- if err := s.tmpls.Login.Execute(w, csrfToken); err != nil {
+ if err := s.tmpls.Login.Execute(w, map[string]any{
+ "csrfToken": csrfToken,
+ "enableRegistration": s.enableRegistration,
+ }); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@@ -513,6 +521,7 @@
*kratos,
NewHydraClient(*hydra),
t,
+ *enableRegistration,
)
log.Fatal(s.Start())
}()
diff --git a/core/auth/ui/templates/login.html b/core/auth/ui/templates/login.html
index f01f157..1ed3d40 100644
--- a/core/auth/ui/templates/login.html
+++ b/core/auth/ui/templates/login.html
@@ -3,9 +3,10 @@
<form action="" method="POST">
<input type="text" name="username" placeholder="Username" autofocus required />
<input type="password" name="password" placeholder="Password" required />
- <input type="hidden" name="csrf_token" value="{{ . }}" />
+ <input type="hidden" name="csrf_token" value="{{ .csrfToken }}" />
<button type="submit">Sign In</button>
</form>
+{{- if .enableRegistration -}}
<nav>
<ul>
<li>
@@ -13,4 +14,5 @@
</li>
</ul>
</nav>
+{{- end -}}
{{ end }}
diff --git a/core/installer/values-tmpl/core-auth.yaml b/core/installer/values-tmpl/core-auth.yaml
index 219b6c4..26af983 100644
--- a/core/installer/values-tmpl/core-auth.yaml
+++ b/core/installer/values-tmpl/core-auth.yaml
@@ -296,3 +296,4 @@
domain: {{ .Global.Domain }}
internalDomain: p.{{ .Global.Domain }}
hydra: hydra-admin.{{ .Global.Id }}-core-auth.svc.cluster.local
+ enableRegistration: false