feat(login): add LOGIN_SHOW_TOTP and LOGIN_SHOW_VERSION config flags#520
Open
maartendra wants to merge 1 commit into
Open
feat(login): add LOGIN_SHOW_TOTP and LOGIN_SHOW_VERSION config flags#520maartendra wants to merge 1 commit into
maartendra wants to merge 1 commit into
Conversation
Two opt-out branding/login flags, both default true (no behaviour change for existing deployments): - LOGIN_SHOW_TOTP=false hides the manual "I have a 2FA code" toggle on the login form. Deployments that delegate auth to an external directory (LDAP/OIDC) where 2FA lives in the IdP have no server-side TOTP, so the toggle only ever leads to a failed login. Server-required TOTP (totp_required, which auto-shows the field) is unaffected. - LOGIN_SHOW_VERSION=false hides the build version in the login footer, so the exact version isn't disclosed to unauthenticated visitors. Wired through the existing config registry (CONFIG_ENV_MAP) → /api/config → useConfig, matching the surrounding LOGIN_* options. Refs bulwarkmail#519. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Adds two opt-out login/branding flags, both default
true(no behaviour change for existing deployments):LOGIN_SHOW_TOTP— setfalseto hide the manual "I have a 2FA code" toggle on the login form.LOGIN_SHOW_VERSION— setfalseto hide the build version in the login footer.Refs #519 (covers the two cleanest items from that issue).
Why
LOGIN_SHOW_TOTP— when Bulwark's mail server delegates auth to an external directory (LDAP/OIDC) and 2FA lives in the upstream IdP, the server has no per-account TOTP. The manual toggle then only ever leads to a failed login — dead, confusing UI. This lets such deployments hide it. Server-required TOTP is unaffected: when the server returnstotp_required, the field still auto-shows (the flag only gates the manual opt-in button).LOGIN_SHOW_VERSION— the footer currently shows the exact build version to unauthenticated visitors, a needless information disclosure (eases CVE targeting). This lets operators turn it off.How
Wired through the existing config flow, matching the surrounding
LOGIN_*options:CONFIG_ENV_MAPinlib/admin/types.ts(twobooleanentries, defaulttrue)/api/configresponse (app/api/config/route.ts)useConfig(hooks/use-config.ts)app/(main)/[locale]/login/page.tsxNotes
true, so existing installs are unchanged.main; followedCONTRIBUTING.mdconventions. I wasn't able to runnpm run typecheck/lintin my environment, but the change mirrors the existing config plumbing 1:1 — happy to adjust to match any conventions I missed.We run Bulwark in production (white-labelled) and are glad to test patches/iterate.