2 files changed, 24 insertions, 0 deletions

diff --git a/inject/disable-password-login.js b/inject/disable-password-login.js
new file mode 100644
index 0000000..d939e0c
--- /dev/null
+++ b/inject/disable-password-login.js
@@ -0,0 +1,22 @@
+export function disablePasswordLogin() {
+  const queryString = new URLSearchParams();
+  if (queryString.get("all") == null) {
+    document.addEventListener("DOMContentLoaded", function () {
+      const sso = document.querySelector(".o_auth_oauth_providers");
+      if (sso) {
+        const link = sso.getElementsByTagName("a")[0];
+        if (link.innerText.search("Authentik") > 0) {
+          console.info("Redirecting to SSO login:", link.href);
+          // Disable for now while we don't have a way to prevent redirection
+          // for e.g. admin login. One way would be to scan for presence of a
+          // query string parameter such as `pwauth`, but I could not get
+          // URLSearchParams to help me.
+          //window.location.replace(link.href);
+        }
+      }
+    });
+  }
+  else {
+    console.info("Not skipping password auth due to query string");
+  }
+}
diff --git a/inject/overrides.js b/inject/overrides.js
index fcaf665..2124bd9 100644
--- a/inject/overrides.js
+++ b/inject/overrides.js
@@ -1,3 +1,5 @@
 import { registerObserver } from '/inject/company-switcher.js';
+import { disablePasswordLogin } from '/inject/disable-password-login.js';
 
 registerObserver();
+disablePasswordLogin();