greenpau / caddy-security

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
https://authcrunch.com/
Apache License 2.0
1.46k stars 72 forks source link

question: Native way to hide the 'Contact support' link on Login page? #101

Open iamjrock opened 2 years ago

iamjrock commented 2 years ago

A clear and concise description of what you want to accomplish.

On the Login page there is a "Contact support" link to /auth/help.

To hide the link we could inject custom css/js (custom css/js path ...) OR provide a custom login template (template login ...).

However, is there a native way to hide or edit this link without css/js/template customisations?

greenpau commented 2 years ago

However, is there a native way to hide or edit this link without css/js/template customisations?

@iamjrock, this is a feature request. I am actually in the process of redesigning some of the templates. So ... will add an option to hide the link.

iamjrock commented 2 years ago

will add an option to hide the link

Hey that's awesome Paul, thx for your time and awesome caddy module.

greenpau commented 2 years ago

@iamjrock , I did not get to it yet. Your ask involves modifying sandbox template. Right now I want to focus on settings and build towards user management.

As a shortcut, I suggest adding custom JS that would remove the link programmatically. Here, you don't modify a template. Rather, you inject custom JS https://authp.github.io/docs/authenticate/ui-features#custom-javascript

iamjrock commented 2 years ago

OK understood. We will use custom js or custom css for now.

Would you like me to leave this issue open as a placeholder for the feature?

greenpau commented 2 years ago

Would you like me to leave this issue open as a placeholder for the feature?

@iamjrock , yes. I will get to it 😄

FYI, I already added the necessary plumbing - see https://github.com/authp/authp.github.io/issues/23

What is left is the template.

iamjrock commented 2 years ago

You move faaaast! 👍

greenpau commented 2 years ago

Starting working on sandbox template. That's where the links show up.

greenpau commented 2 years ago

@iamjrock , please test with the latest release. The contact support link will not be visible during authentication.

iamjrock commented 2 years ago

Ok thx @greenpau! Will test. My pc died last night :-( so may take a few days.

Loqova commented 2 years ago

+1 for hiding the 'Contact support' ability. Or any customizability. And related to https://github.com/greenpau/caddy-security/issues/127.

iamjrock commented 2 years ago

@greenpau whilst testing with v1.1.13 I am getting this error:

run: adapting config using caddyfile: parsing caddyfile tokens for 'security': / app/conf/caddy/Caddyfile:79 - Error during parsing: unsupported subdirective for security.authentication.portal.ui: password_recovery_enabled

I know this is not related to the ui changes in this issue, but was this directive removed since v1.1.7?

greenpau commented 2 years ago

I know this is not related to the ui changes in this issue, but was this directive removed since v1.1.7?

The password_recovery_enabled in the UI was removed in favor of enable password recovery under a specific identity store. Please see https://github.com/authp/authp.github.io/issues/23

iamjrock commented 2 years ago

Some more testing:

I commented password_recovery_enabled out of the Caddyfile and then caddy worked.

However, on the Sign In page:

1) The "Contact Support" link still shows 2) Now the "Forgot Username" field is also showing (because password_recovery_enabled was commented out....) 3) The "Register" link is showing. This is using a local json IdP file and we don't want people to be able to register. I'm pretty sure that the Register link wasn't showing before (but maybe I'm wrong?).

So in summary - Contact Support is still visible (sorry!) and I'm trying to work out how to hide all 3 links in this new version.

Thanks again for your time on this.

Screen shot:

image

greenpau commented 2 years ago

The "Contact Support" link still shows

@iamjrock , I need to fix the use case where there is only 1 authentication provider/store. Will tackle it in the next release.

iamjrock commented 2 years ago

The password_recovery_enabled in the UI was removed in favor of enable password recovery under a specific identity store. Please see authp/authp.github.io#23

Ah I see. So to disable these do we just omit the following from the identity store definition:

enable password recovery enable username recovery enable contact support

Or do we use something like:

disable password recovery disable username recovery disable contact support

iamjrock commented 2 years ago

The "Contact Support" link still shows

@iamjrock , I need to fix the use case where there is only 1 authentication provider/store. Will tackle it in the next release.

OK thx. Is it the same situation for all 3? Ie. All of these will not work with a single IdP/store until the next release:

enable password recovery enable username recovery enable contact support

greenpau commented 2 years ago

OK thx. Is it the same situation for all 3? Ie. All of these will not work with a single IdP/store until the next release:

  1. Register link: if you disable registration, then it will not show
  2. Username recovery: if not enabled, disabled (the feature is actually not implemented)
  3. Contact support, if not enabled, disabled
greenpau commented 7 months ago

@iamjrock , could you please write a testimonial for your use of the project? Please see https://docs.authcrunch.com/help-needed for details.