Disable all sign in requirements?

[wbste]

Hey, awesome work so far! If one were to run this locally with no public Internet exposure, is it possible to just disable any sign in requirements? Just want to jump straight into the app. I saw I can disable the form and odic login...if I already created one account does that mean I get locked out? Or auto log in?

https://docs.hoarder.app/configuration

[Inventhrice]

So far, there is no way to disable authentication in the application. I have the DISABLE_SIGNUPS flag enabled, so I can confirm it shows the landing page where you can login, but you would not have any capability of signing up new users.

Tossing my two cents: Disabiling auth is a really cool idea (said nobody, i know) because there is merit to the idea of just hitting run and going. However, I also don't know how that would be implemented, as to support multiple users you would need some form of auth.

[wbste]

For this use case, the user base is a single user. There's no need to support additional users.

[MohamedBassem]

I think the best we can do is if you have OIDC enabled, and password auth disabled, we can add a new flag AUTO_OAUTH_LOGIN which if enabled, we can start the oauth workflow automatically when you land on the signup page. Would that work for you?

[wbste]

Nah, sorry for not being clear. I would like to NEVER sign in, ever. No username and password, no SSO, no nothing. Anyone with access to the app would be "the same user" with full access. The obvious ramifications are if anyone else were to access the app they would not need to authenticate and would see all my stuff.

Maybe on the docker compose set a default username and password, and if DISABLE_SIGNUPS and DISABLE_PASSWORD_AUTH are both true and no oauth is config'd then it auto logs in as that user?

Not a huge deal if it's a pain, just a nice to have. Thanks again for an awesome app!

[tjhart85]

FWIW, I would absolutely love an 'AUTO_OAUTH_LOGIN' flag as for my household that would be fantastic and our phones and PCs are basically always logged in (and if they're not, this will prevent them from needing to be for the next program we use, so no biggie).

I understand OP though, for the apps I have that are single user, local network only, I do find it very annoying when they mandate a login policy (especially when they don't allow OIDC!)

[nicktheone]

Completely agree. I came here looking for this exact request, in case it had already been made. I understand the need for a robust user management system but in case of an instance walled behind a VPN with no other access to the Internet there isn't really any need for authentication nor authorization. I have several other self hosted apps that can optionally disable log in prompts and if Hoarder followed suit it'd amazing.

[Inventhrice]

To be clear on my end as well, would LOVE for this to be a feature!! It does get a bit tiresome to keep logging in.