From 66a3e319a878ad9fb1cd054b1f25cd4d00e7ea47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Mart=C3=ADn?= Date: Fri, 14 Nov 2025 20:02:03 +0100 Subject: [PATCH] Feature/separate Google OAuth and token authentication (#5915) * Separate Google OAuth and token authentication * Update changelog --- CHANGELOG.md | 5 ++ apps/api/src/app/info/info.service.ts | 12 ++-- .../configuration/configuration.service.ts | 3 +- .../interfaces/environment.interface.ts | 3 +- .../app/components/header/header.component.ts | 15 +++-- .../interfaces/interfaces.ts | 3 +- .../login-with-access-token-dialog.html | 67 +++++++++++-------- .../pages/features/features-page.component.ts | 6 ++ .../src/app/pages/features/features-page.html | 2 +- .../pages/landing/landing-page.component.ts | 1 + .../pages/pricing/pricing-page.component.ts | 12 +++- .../src/app/pages/pricing/pricing-page.html | 2 +- .../pages/register/register-page.component.ts | 12 +++- .../src/app/pages/register/register-page.html | 22 +++--- libs/common/src/lib/permissions.ts | 5 +- 15 files changed, 112 insertions(+), 58 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4437d077c..5e9e362cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,9 +11,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Refactored the get holding functionality in the portfolio service - Changed the user data loading in the user detail dialog of the admin control panel’s users section to fetch data on demand +- Exposed the authentication with access token as an environment variable (`ENABLE_FEATURE_AUTH_TOKEN`) - Improved the language localization for German (`de`) - Upgraded `prisma` from version `6.18.0` to `6.19.0` +### Todo + +- Rename the environment variable from `ENABLE_FEATURE_SOCIAL_LOGIN` to `ENABLE_FEATURE_AUTH_GOOGLE` + ## 2.216.0 - 2025-11-10 ### Changed diff --git a/apps/api/src/app/info/info.service.ts b/apps/api/src/app/info/info.service.ts index c31f601e3..634fc959c 100644 --- a/apps/api/src/app/info/info.service.ts +++ b/apps/api/src/app/info/info.service.ts @@ -51,6 +51,14 @@ export class InfoService { const globalPermissions: string[] = []; + if (this.configurationService.get('ENABLE_FEATURE_AUTH_GOOGLE')) { + globalPermissions.push(permissions.enableAuthGoogle); + } + + if (this.configurationService.get('ENABLE_FEATURE_AUTH_TOKEN')) { + globalPermissions.push(permissions.enableAuthToken); + } + if (this.configurationService.get('ENABLE_FEATURE_FEAR_AND_GREED_INDEX')) { if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) { info.fearAndGreedDataSource = encodeDataSource( @@ -70,10 +78,6 @@ export class InfoService { ); } - if (this.configurationService.get('ENABLE_FEATURE_SOCIAL_LOGIN')) { - globalPermissions.push(permissions.enableSocialLogin); - } - if (this.configurationService.get('ENABLE_FEATURE_STATISTICS')) { globalPermissions.push(permissions.enableStatistics); } diff --git a/apps/api/src/services/configuration/configuration.service.ts b/apps/api/src/services/configuration/configuration.service.ts index 473d909ee..cb9fde832 100644 --- a/apps/api/src/services/configuration/configuration.service.ts +++ b/apps/api/src/services/configuration/configuration.service.ts @@ -40,9 +40,10 @@ export class ConfigurationService { DATA_SOURCES_GHOSTFOLIO_DATA_PROVIDER: json({ default: [] }), + ENABLE_FEATURE_AUTH_GOOGLE: bool({ default: false }), + ENABLE_FEATURE_AUTH_TOKEN: bool({ default: true }), ENABLE_FEATURE_FEAR_AND_GREED_INDEX: bool({ default: false }), ENABLE_FEATURE_READ_ONLY_MODE: bool({ default: false }), - ENABLE_FEATURE_SOCIAL_LOGIN: bool({ default: false }), ENABLE_FEATURE_STATISTICS: bool({ default: false }), ENABLE_FEATURE_SUBSCRIPTION: bool({ default: false }), ENABLE_FEATURE_SYSTEM_MESSAGE: bool({ default: false }), diff --git a/apps/api/src/services/interfaces/environment.interface.ts b/apps/api/src/services/interfaces/environment.interface.ts index 2f94739fb..f2ee84926 100644 --- a/apps/api/src/services/interfaces/environment.interface.ts +++ b/apps/api/src/services/interfaces/environment.interface.ts @@ -16,9 +16,10 @@ export interface Environment extends CleanedEnvAccessors { DATA_SOURCE_IMPORT: string; DATA_SOURCES: string[]; DATA_SOURCES_GHOSTFOLIO_DATA_PROVIDER: string[]; + ENABLE_FEATURE_AUTH_GOOGLE: boolean; + ENABLE_FEATURE_AUTH_TOKEN: boolean; ENABLE_FEATURE_FEAR_AND_GREED_INDEX: boolean; ENABLE_FEATURE_READ_ONLY_MODE: boolean; - ENABLE_FEATURE_SOCIAL_LOGIN: boolean; ENABLE_FEATURE_STATISTICS: boolean; ENABLE_FEATURE_SUBSCRIPTION: boolean; ENABLE_FEATURE_SYSTEM_MESSAGE: boolean; diff --git a/apps/client/src/app/components/header/header.component.ts b/apps/client/src/app/components/header/header.component.ts index 24fa82d02..03d53e058 100644 --- a/apps/client/src/app/components/header/header.component.ts +++ b/apps/client/src/app/components/header/header.component.ts @@ -105,7 +105,8 @@ export class GfHeaderComponent implements OnChanges { public hasFilters: boolean; public hasImpersonationId: boolean; - public hasPermissionForSocialLogin: boolean; + public hasPermissionForAuthGoogle: boolean; + public hasPermissionForAuthToken: boolean; public hasPermissionForSubscription: boolean; public hasPermissionToAccessAdminControl: boolean; public hasPermissionToAccessAssistant: boolean; @@ -165,9 +166,14 @@ export class GfHeaderComponent implements OnChanges { public ngOnChanges() { this.hasFilters = this.userService.hasFilters(); - this.hasPermissionForSocialLogin = hasPermission( + this.hasPermissionForAuthGoogle = hasPermission( this.info?.globalPermissions, - permissions.enableSocialLogin + permissions.enableAuthGoogle + ); + + this.hasPermissionForAuthToken = hasPermission( + this.info?.globalPermissions, + permissions.enableAuthToken ); this.hasPermissionForSubscription = hasPermission( @@ -280,7 +286,8 @@ export class GfHeaderComponent implements OnChanges { autoFocus: false, data: { accessToken: '', - hasPermissionToUseSocialLogin: this.hasPermissionForSocialLogin, + hasPermissionToUseAuthGoogle: this.hasPermissionForAuthGoogle, + hasPermissionToUseAuthToken: this.hasPermissionForAuthToken, title: $localize`Sign in` }, width: '30rem' diff --git a/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts b/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts index 2fa8b7ea4..c7c4ab3fd 100644 --- a/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts +++ b/apps/client/src/app/components/login-with-access-token-dialog/interfaces/interfaces.ts @@ -1,5 +1,6 @@ export interface LoginWithAccessTokenDialogParams { accessToken: string; - hasPermissionToUseSocialLogin: boolean; + hasPermissionToUseAuthGoogle: boolean; + hasPermissionToUseAuthToken: boolean; title: string; } diff --git a/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html b/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html index 15e68822a..bc232cfb7 100644 --- a/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html +++ b/apps/client/src/app/components/login-with-access-token-dialog/login-with-access-token-dialog.html @@ -3,28 +3,35 @@
- - Security Token - - - + + + } - @if (data.hasPermissionToUseSocialLogin) { + @if ( + data.hasPermissionToUseAuthGoogle && data.hasPermissionToUseAuthToken + ) {
or
+ } + + @if (data.hasPermissionToUseAuthGoogle) {
- + @if (data.hasPermissionToUseAuthToken) { + + }
diff --git a/apps/client/src/app/pages/features/features-page.component.ts b/apps/client/src/app/pages/features/features-page.component.ts index dc9d30f07..dc2dfaf42 100644 --- a/apps/client/src/app/pages/features/features-page.component.ts +++ b/apps/client/src/app/pages/features/features-page.component.ts @@ -25,6 +25,7 @@ import { Subject, takeUntil } from 'rxjs'; }) export class GfFeaturesPageComponent implements OnDestroy { public hasPermissionForSubscription: boolean; + public hasPermissionToCreateUser: boolean; public info: InfoItem; public routerLinkRegister = publicRoutes.register.routerLink; public routerLinkResources = publicRoutes.resources.routerLink; @@ -55,6 +56,11 @@ export class GfFeaturesPageComponent implements OnDestroy { this.info?.globalPermissions, permissions.enableSubscription ); + + this.hasPermissionToCreateUser = hasPermission( + this.info?.globalPermissions, + permissions.createUserAccount + ); } public ngOnDestroy() { diff --git a/apps/client/src/app/pages/features/features-page.html b/apps/client/src/app/pages/features/features-page.html index 7d8f3eda0..d172347f7 100644 --- a/apps/client/src/app/pages/features/features-page.html +++ b/apps/client/src/app/pages/features/features-page.html @@ -309,7 +309,7 @@
- @if (!user) { + @if (hasPermissionToCreateUser && !user) {
- } @else if (!user) { + } @else if (hasPermissionToCreateUser && !user) {
- - @if (hasPermissionForSocialLogin) { + @if (hasPermissionForAuthToken) { + + } + @if (hasPermissionForAuthToken && hasPermissionForAuthGoogle) {
or
+ } + @if (hasPermissionForAuthGoogle) { { return ( - permission !== permissions.enableSocialLogin && + permission !== permissions.enableAuthGoogle && permission !== permissions.enableSubscription ); });