diff --git a/.env.example b/.env.example index e4a935626..494875c7b 100644 --- a/.env.example +++ b/.env.example @@ -14,3 +14,12 @@ POSTGRES_PASSWORD= ACCESS_TOKEN_SALT= DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer JWT_SECRET_KEY= + +# AUTHENTICATION +# Enable authentication with Google OAuth (default: false) +# ENABLE_FEATURE_AUTH_GOOGLE=true +# GOOGLE_CLIENT_ID= +# GOOGLE_SECRET= + +# Enable authentication with Security Token (default: true) +# ENABLE_FEATURE_AUTH_TOKEN=true diff --git a/apps/api/src/app/info/info.service.ts b/apps/api/src/app/info/info.service.ts index c31f601e3..b567a9ca8 100644 --- a/apps/api/src/app/info/info.service.ts +++ b/apps/api/src/app/info/info.service.ts @@ -70,8 +70,12 @@ export class InfoService { ); } - if (this.configurationService.get('ENABLE_FEATURE_SOCIAL_LOGIN')) { - globalPermissions.push(permissions.enableSocialLogin); + if (this.configurationService.get('ENABLE_FEATURE_AUTH_GOOGLE')) { + globalPermissions.push(permissions.enableAuthGoogle); + } + + if (this.configurationService.get('ENABLE_FEATURE_AUTH_TOKEN')) { + globalPermissions.push(permissions.enableAuthToken); } if (this.configurationService.get('ENABLE_FEATURE_STATISTICS')) { diff --git a/apps/api/src/services/configuration/configuration.service.ts b/apps/api/src/services/configuration/configuration.service.ts index 473d909ee..aa9f2a060 100644 --- a/apps/api/src/services/configuration/configuration.service.ts +++ b/apps/api/src/services/configuration/configuration.service.ts @@ -42,7 +42,8 @@ export class ConfigurationService { }), ENABLE_FEATURE_FEAR_AND_GREED_INDEX: bool({ default: false }), ENABLE_FEATURE_READ_ONLY_MODE: bool({ default: false }), - ENABLE_FEATURE_SOCIAL_LOGIN: bool({ default: false }), + ENABLE_FEATURE_AUTH_GOOGLE: bool({ default: false }), + ENABLE_FEATURE_AUTH_TOKEN: bool({ default: true }), ENABLE_FEATURE_STATISTICS: bool({ default: false }), ENABLE_FEATURE_SUBSCRIPTION: bool({ default: false }), ENABLE_FEATURE_SYSTEM_MESSAGE: bool({ default: false }), diff --git a/apps/api/src/services/interfaces/environment.interface.ts b/apps/api/src/services/interfaces/environment.interface.ts index 2f94739fb..918b123ed 100644 --- a/apps/api/src/services/interfaces/environment.interface.ts +++ b/apps/api/src/services/interfaces/environment.interface.ts @@ -18,7 +18,8 @@ export interface Environment extends CleanedEnvAccessors { DATA_SOURCES_GHOSTFOLIO_DATA_PROVIDER: string[]; ENABLE_FEATURE_FEAR_AND_GREED_INDEX: boolean; ENABLE_FEATURE_READ_ONLY_MODE: boolean; - ENABLE_FEATURE_SOCIAL_LOGIN: boolean; + ENABLE_FEATURE_AUTH_GOOGLE: boolean; + ENABLE_FEATURE_AUTH_TOKEN: boolean; ENABLE_FEATURE_STATISTICS: boolean; ENABLE_FEATURE_SUBSCRIPTION: boolean; ENABLE_FEATURE_SYSTEM_MESSAGE: boolean; diff --git a/apps/client/src/app/components/header/header.component.ts b/apps/client/src/app/components/header/header.component.ts index 24fa82d02..03d53e058 100644 --- a/apps/client/src/app/components/header/header.component.ts +++ b/apps/client/src/app/components/header/header.component.ts @@ -105,7 +105,8 @@ export class GfHeaderComponent implements OnChanges { public hasFilters: boolean; public hasImpersonationId: boolean; - public hasPermissionForSocialLogin: boolean; + public hasPermissionForAuthGoogle: boolean; + public hasPermissionForAuthToken: boolean; public hasPermissionForSubscription: boolean; public hasPermissionToAccessAdminControl: boolean; public hasPermissionToAccessAssistant: boolean; @@ -165,9 +166,14 @@ export class GfHeaderComponent implements OnChanges { public ngOnChanges() { this.hasFilters = this.userService.hasFilters(); - this.hasPermissionForSocialLogin = hasPermission( + this.hasPermissionForAuthGoogle = hasPermission( this.info?.globalPermissions, - permissions.enableSocialLogin + permissions.enableAuthGoogle + ); + + this.hasPermissionForAuthToken = hasPermission( + this.info?.globalPermissions, + permissions.enableAuthToken ); this.hasPermissionForSubscription = hasPermission( @@ -280,7 +286,8 @@ export class GfHeaderComponent implements OnChanges { autoFocus: false, data: { accessToken: '', - hasPermissionToUseSocialLogin: this.hasPermissionForSocialLogin, + hasPermissionToUseAuthGoogle: this.hasPermissionForAuthGoogle, + hasPermissionToUseAuthToken: this.hasPermissionForAuthToken, title: $localize`Sign in` }, width: '30rem' diff --git a/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts b/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts index 2fa8b7ea4..c7c4ab3fd 100644 --- a/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts +++ b/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts @@ -1,5 +1,6 @@ export interface LoginWithAccessTokenDialogParams { accessToken: string; - hasPermissionToUseSocialLogin: boolean; + hasPermissionToUseAuthGoogle: boolean; + hasPermissionToUseAuthToken: boolean; title: string; } diff --git a/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html b/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html index 15e68822a..4bb399469 100644 --- a/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html +++ b/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html @@ -3,28 +3,35 @@
- - Security Token - - - + + + } - @if (data.hasPermissionToUseSocialLogin) { + @if ( + data.hasPermissionToUseAuthGoogle && data.hasPermissionToUseAuthToken + ) {
or
+ } + + @if (data.hasPermissionToUseAuthGoogle) {
- Stay signed in + @if (data.hasPermissionToUseAuthToken) { + Stay signed in + }
- + @if (data.hasPermissionToUseAuthToken) { + + }
diff --git a/apps/client/src/app/pages/register/register-page.component.ts b/apps/client/src/app/pages/register/register-page.component.ts index 78162487d..d37a91f8e 100644 --- a/apps/client/src/app/pages/register/register-page.component.ts +++ b/apps/client/src/app/pages/register/register-page.component.ts @@ -30,7 +30,8 @@ import { GfUserAccountRegistrationDialogComponent } from './user-account-registr }) export class GfRegisterPageComponent implements OnDestroy, OnInit { public deviceType: string; - public hasPermissionForSocialLogin: boolean; + public hasPermissionForAuthGoogle: boolean; + public hasPermissionForAuthToken: boolean; public hasPermissionForSubscription: boolean; public hasPermissionToCreateUser: boolean; public historicalDataItems: LineChartItem[]; @@ -55,9 +56,14 @@ export class GfRegisterPageComponent implements OnDestroy, OnInit { this.deviceType = this.deviceService.getDeviceInfo().deviceType; - this.hasPermissionForSocialLogin = hasPermission( + this.hasPermissionForAuthGoogle = hasPermission( globalPermissions, - permissions.enableSocialLogin + permissions.enableAuthGoogle + ); + + this.hasPermissionForAuthToken = hasPermission( + globalPermissions, + permissions.enableAuthToken ); this.hasPermissionForSubscription = hasPermission( diff --git a/apps/client/src/app/pages/register/register-page.html b/apps/client/src/app/pages/register/register-page.html index de53777fa..302b81016 100644 --- a/apps/client/src/app/pages/register/register-page.html +++ b/apps/client/src/app/pages/register/register-page.html @@ -18,16 +18,20 @@
- - @if (hasPermissionForSocialLogin) { + @if (hasPermissionForAuthToken) { + + } + @if (hasPermissionForAuthGoogle && hasPermissionForAuthToken) {
or
+ } + @if (hasPermissionForAuthGoogle) { { return ( - permission !== permissions.enableSocialLogin && + permission !== permissions.enableAuthGoogle && permission !== permissions.enableSubscription ); });