Merged in task/dspace-cris-2024_02_x/DSC-2565 (pull request DSpace#3794)

DSC-2565 Refactor standard login

Approved-by: Andrea Barbasso

Author: Mattia Vianelli

src/app/app-routes.ts

@@ -182,12 +182,12 @@ export const APP_ROUTES: Route[] = [
         canActivate: [authenticatedGuard, endUserAgreementCurrentUserGuard],
       },
       {
-        path: 'standard-login',
+        path: 'admin-only-login',
         loadChildren: () => import('./login-page/login-page-routes').then((m) => m.ROUTES),
         data: {
           isBackDoor: true,
         },
-        canMatch: [() => !environment.auth.disableStandardLogin],
+        canMatch: [() => environment.auth.isPasswordLoginEnabledForAdminsOnly],
       },
       {
         path: 'login',

src/app/shared/log-in/log-in.component.spec.ts

@@ -154,13 +154,13 @@ describe('LogInComponent', () => {
       expect(result).toEqual([{ authMethodType: AuthMethodType.Password, position: 1 }]);
     });
 
-    it('does not exclude password method when standard login is disabled', () => {
+    it('does not exclude password method when isPasswordLoginEnabledForAdminsOnly is disabled', () => {
       const authMethods = [
         { authMethodType: AuthMethodType.Password, position: 1 },
         { authMethodType: AuthMethodType.Shibboleth, position: 2 },
       ];
       component.excludedAuthMethod = undefined;
-      const result = component.filterAndSortAuthMethods(authMethods, false, true);
+      const result = component.filterAndSortAuthMethods(authMethods, false, false);
       expect(result).toEqual([
         { authMethodType: AuthMethodType.Password, position: 1 },
         { authMethodType: AuthMethodType.Shibboleth, position: 2 },
@@ -175,8 +175,9 @@ describe('LogInComponent', () => {
       ];
       const isBackdoor = false;
       component.excludedAuthMethod = AuthMethodType.Ip;
-      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor);
+      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor, false);
       expect(result).toEqual([
+        { authMethodType: AuthMethodType.Password, position: 1 },
         { authMethodType: AuthMethodType.Shibboleth, position: 3 },
       ]);
     });
@@ -188,9 +189,10 @@ describe('LogInComponent', () => {
       ];
       const isBackdoor = false;
       component.excludedAuthMethod = undefined;
-      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor);
+      const result = component.filterAndSortAuthMethods(authMethods, isBackdoor, false);
       expect(result).toEqual([
         { authMethodType: AuthMethodType.Shibboleth, position: 1 },
+        { authMethodType: AuthMethodType.Password, position: 2 },
       ]);
     });
   });

src/app/shared/log-in/log-in.component.ts

@@ -21,6 +21,7 @@ import {
 import { TranslateModule } from '@ngx-translate/core';
 import uniqBy from 'lodash/uniqBy';
 import {
+  combineLatest,
   combineLatestWith,
   map,
   Observable,
@@ -133,7 +134,7 @@ export class LogInComponent implements OnInit, OnDestroy {
           filter(routeData => !!routeData),
           map(data => data.isBackDoor),
         )),
-      map(([methods, isBackdoor]) => this.filterAndSortAuthMethods(methods, isBackdoor, environment.auth.disableStandardLogin)),
+      map(([methods, isBackdoor]) => this.filterAndSortAuthMethods(methods, isBackdoor, environment.auth.isPasswordLoginEnabledForAdminsOnly)),
       // ignore the ip authentication method when it's returned by the backend
       map((authMethods: AuthMethod[]) => uniqBy(authMethods.filter(a => a.authMethodType !== AuthMethodType.Ip), 'authMethodType')),
     );
@@ -154,20 +155,23 @@ export class LogInComponent implements OnInit, OnDestroy {
     this.canRegister$ = this.authorizationService.isAuthorized(FeatureID.EPersonRegistration);
 
     this.canForgot$ = this.authorizationService.isAuthorized(FeatureID.EPersonForgotPassword).pipe(shareReplay({ refCount: false, bufferSize: 1 }));
-    this.canShowDivider$ = this.canRegister$.pipe(
-      combineLatestWith(this.canForgot$),
-      map(([canRegister, canForgot]) => (canRegister || canForgot) && (!environment.auth.disableStandardLogin || this.isStandalonePage)),
+    this.canShowDivider$ = combineLatest([
+      this.canRegister$,
+      this.canForgot$,
+      this.route.data,
+    ]).pipe(
+      map(([canRegister, canForgot, routeData]) => (canRegister || canForgot) && !routeData?.isBackDoor),
       filter(Boolean),
     );
   }
 
-  filterAndSortAuthMethods(authMethods: AuthMethod[], isBackdoor: boolean, isStandardLoginDisabled = false): AuthMethod[] {
+  filterAndSortAuthMethods(authMethods: AuthMethod[], isBackdoor: boolean, isPasswordLoginEnabledForAdminsOnly = false): AuthMethod[] {
     return authMethods.filter((authMethod: AuthMethod) => {
       const methodComparison = (authM) => {
         if (isBackdoor) {
           return authM.authMethodType === AuthMethodType.Password;
         }
-        if (!isStandardLoginDisabled) {
+        if (isPasswordLoginEnabledForAdminsOnly) {
           return authM.authMethodType !== AuthMethodType.Password;
         }
         return true;

src/config/auth-config.interfaces.ts

@@ -22,5 +22,5 @@ export interface AuthConfig extends Config {
   };
 
   // Whether the standard login form should be enabled.
-  disableStandardLogin?: boolean;
+  isPasswordLoginEnabledForAdminsOnly?: boolean;
 }

src/config/default-app-config.ts

@@ -147,7 +147,7 @@ export class DefaultAppConfig implements AppConfig {
       // This is independent from the idle warning.
       timeLeftBeforeTokenRefresh: 2 * 60 * 1000, // 2 minutes
     },
-    disableStandardLogin: true, // Enable the standard login form
+    isPasswordLoginEnabledForAdminsOnly: false, // Enable the standard login form
   };
 
   // Form settings

src/environments/environment.test.ts

@@ -115,7 +115,7 @@ export const environment: BuildConfig = {
       // This is independent from the idle warning.
       timeLeftBeforeTokenRefresh: 20000, // 20 sec
     },
-    disableStandardLogin: false,
+    isPasswordLoginEnabledForAdminsOnly: true,
   },
 
   // Form settings