Merged in task/dspace-cris-2023_02_x/DSC-2565 (pull request DSpace#3795)

Mattia Vianelli · vins01-4science · commit 32a9314fcede · 2025-11-25T08:36:27.000Z
DSC-2565 Refactor standard login

Approved-by: Andrea Barbasso
diff --git a/config/config.example.yml b/config/config.example.yml
@@ -133,7 +133,7 @@ auth:
     # This is independent from the idle warning.
     timeLeftBeforeTokenRefresh: 120000 # 2 minutes
   # Standard login enabled
-  disableStandardLogin: false
+  isPasswordLoginEnabledForAdminsOnly: false
 
 # Form settings
 form:
diff --git a/src/app/app-routing.module.ts b/src/app/app-routing.module.ts
@@ -179,12 +179,12 @@ import {
             canActivate: [GenericAdministratorGuard, EndUserAgreementCurrentUserGuard]
           },
           {
-            path: 'standard-login',
+            path: 'admin-only-login',
             loadChildren: () => import('./login-page/login-page.module').then((m) => m.LoginPageModule),
             data: {
               isBackDoor: true,
             },
-            canMatch: [() => !environment.auth.disableStandardLogin],
+            canMatch: [() => environment.auth.isPasswordLoginEnabledForAdminsOnly],
           },
           {
             path: 'login',
diff --git a/src/app/shared/log-in/log-in.component.spec.ts b/src/app/shared/log-in/log-in.component.spec.ts
@@ -143,13 +143,13 @@ describe('LogInComponent', () => {
       expect(result).toEqual([{ authMethodType: AuthMethodType.Password, position: 1 }]);
     });
 
-    it('does not exclude password method when standard login is disabled', () => {
+    it('does not exclude password method when isPasswordLoginEnabledForAdminsOnly is disabled', () => {
       const authMethods = [
         { authMethodType: AuthMethodType.Password, position: 1 },
         { authMethodType: AuthMethodType.Shibboleth, position: 2 },
       ];
       component.excludedAuthMethod = undefined;
-      const result = component.filterAndSortAuthMethods(authMethods, false, true);
+      const result = component.filterAndSortAuthMethods(authMethods, false, false);
       expect(result).toEqual([
         { authMethodType: AuthMethodType.Password, position: 1 },
         { authMethodType: AuthMethodType.Shibboleth, position: 2 },
@@ -164,8 +164,9 @@ describe('LogInComponent', () => {
       ];
       const isBackdoor = false;
       component.excludedAuthMethod = AuthMethodType.Ip;
-      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor);
+      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor, false);
       expect(result).toEqual([
+        { authMethodType: AuthMethodType.Password, position: 1 },
         { authMethodType: AuthMethodType.Shibboleth, position: 3 }
       ]);
     });
@@ -177,9 +178,10 @@ describe('LogInComponent', () => {
       ];
       const isBackdoor = false;
       component.excludedAuthMethod = undefined;
-      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor);
+      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor, false);
       expect(result).toEqual([
-        { authMethodType: AuthMethodType.Shibboleth, position: 1 }
+        { authMethodType: AuthMethodType.Shibboleth, position: 1 },
+        { authMethodType: AuthMethodType.Password, position: 2 }
       ]);
     });
   });
diff --git a/src/app/shared/log-in/log-in.component.ts b/src/app/shared/log-in/log-in.component.ts
@@ -1,5 +1,6 @@
 import { ChangeDetectionStrategy, Component, Input, OnDestroy, OnInit } from '@angular/core';
 import { filter, map, shareReplay } from 'rxjs/operators';
+import { combineLatest } from 'rxjs';
 import { select, Store } from '@ngrx/store';
 import { AuthMethod } from '../../core/auth/models/auth.method';
 import {
@@ -98,7 +99,7 @@ export class LogInComponent implements OnInit, OnDestroy {
           filter(routeData => !!routeData),
           map(data => data.isBackDoor),
         )),
-      map(([methods, isBackdoor]) => this.filterAndSortAuthMethods(methods, isBackdoor, environment.auth.disableStandardLogin)),
+      map(([methods, isBackdoor]) => this.filterAndSortAuthMethods(methods, isBackdoor, environment.auth.isPasswordLoginEnabledForAdminsOnly)),
       // ignore the ip authentication method when it's returned by the backend
       map((authMethods: AuthMethod[]) => uniqBy(authMethods.filter(a => a.authMethodType !== AuthMethodType.Ip), 'authMethodType'))
     );
@@ -118,21 +119,24 @@ export class LogInComponent implements OnInit, OnDestroy {
 
     this.canRegister$ = this.authorizationService.isAuthorized(FeatureID.EPersonRegistration);
 
-    this.canForgot$ = this.authorizationService.isAuthorized(FeatureID.EPersonForgotPassword).pipe(shareReplay(1));
-    this.canShowDivider$ = this.canRegister$.pipe(
-      combineLatestWith(this.canForgot$),
-      map(([canRegister, canForgot]) => (canRegister || canForgot) && (!environment.auth.disableStandardLogin || this.isStandalonePage)),
-      filter(Boolean)
+    this.canForgot$ = this.authorizationService.isAuthorized(FeatureID.EPersonForgotPassword).pipe(shareReplay({ refCount: false, bufferSize: 1 }));
+    this.canShowDivider$ = combineLatest([
+      this.canRegister$,
+      this.canForgot$,
+      this.route.data
+    ]).pipe(
+      map(([canRegister, canForgot, routeData]) => (canRegister || canForgot) && !routeData?.isBackDoor),
+      filter(Boolean),
     );
   }
 
-  filterAndSortAuthMethods(authMethods: AuthMethod[], isBackdoor: boolean, isStandardLoginDisabled = false): AuthMethod[] {
+  filterAndSortAuthMethods(authMethods: AuthMethod[], isBackdoor: boolean, isPasswordLoginEnabledForAdminsOnly = false): AuthMethod[] {
     return authMethods.filter((authMethod: AuthMethod) => {
         const methodComparison = (authM) => {
           if (isBackdoor) {
             return authM.authMethodType === AuthMethodType.Password;
           }
-          if (!isStandardLoginDisabled) {
+          if (isPasswordLoginEnabledForAdminsOnly) {
             return authM.authMethodType !== AuthMethodType.Password;
           }
           return true;
diff --git a/src/config/auth-config.interfaces.ts b/src/config/auth-config.interfaces.ts
@@ -22,5 +22,5 @@ export interface AuthConfig extends Config {
   };
 
   // Whether the standard login form should be enabled.
-  disableStandardLogin?: boolean;
+  isPasswordLoginEnabledForAdminsOnly?: boolean;
 }
diff --git a/src/config/default-app-config.ts b/src/config/default-app-config.ts
@@ -136,7 +136,7 @@ export class DefaultAppConfig implements AppConfig {
       // This is independent from the idle warning.
       timeLeftBeforeTokenRefresh: 2 * 60 * 1000 // 2 minutes
     },
-    disableStandardLogin: true, // Enable the standard login form
+    isPasswordLoginEnabledForAdminsOnly: false, // Enable the standard login form
   };
 
   // Form settings
diff --git a/src/environments/environment.test.ts b/src/environments/environment.test.ts
@@ -97,7 +97,7 @@ export const environment: BuildConfig = {
       // This is independent from the idle warning.
       timeLeftBeforeTokenRefresh: 20000, // 20 sec
     },
-    disableStandardLogin: false,
+    isPasswordLoginEnabledForAdminsOnly: true,
   },
 
   // Form settings

Original file line number	Diff line number	Diff line change
`@@ -22,5 +22,5 @@ export interface AuthConfig extends Config {`
`22`	`22`	`};`
`23`	`23`
`24`	`24`	`// Whether the standard login form should be enabled.`
`25`		`- disableStandardLogin?: boolean;`
	`25`	`+ isPasswordLoginEnabledForAdminsOnly?: boolean;`
`26`	`26`	`}`