disallow password login while OIDC login is active
aggressively assert that the used login mechanism is intended to be active
update password login test
warn if we happen to have users in the database with usable passwords (which we don't expect to happen)
In the long run, it might make sense to completely ditch the password field from the database, and also enforce some kind of mocked OIDC login on development setups
In the long run, it might make sense to completely ditch the password field from the database, and also enforce some kind of mocked OIDC login on development setups
In the long run, it might make sense to completely ditch the password field from the database, and also enforce some kind of mocked OIDC login on development setups