inject/disable-password-login.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

export function disablePasswordLogin() {
  const queryString = new URLSearchParams();
  if (queryString.get("all") == null) {
    document.addEventListener("DOMContentLoaded", function () {
      const sso = document.querySelector(".o_auth_oauth_providers");
      if (sso) {
        const link = sso.getElementsByTagName("a")[0];
        if (link.innerText.search("Authentik") > 0) {
          console.info("Redirecting to SSO login:", link.href);
          // Disable for now while we don't have a way to prevent redirection
          // for e.g. admin login. One way would be to scan for presence of a
          // query string parameter such as `pwauth`, but I could not get
          // URLSearchParams to help me.
          //window.location.replace(link.href);
        }
      }
    });
  }
  else {
    console.info("Not skipping password auth due to query string");
  }
}