fix(go): prevent disabling basic auth if deployed by operator; (#3561)

VishalDalwadi · web-flow · commit ffe5e0e65ae4 · 2025-07-24T11:57:53.000+05:30
diff --git a/logic/settings.go b/logic/settings.go
@@ -33,6 +33,11 @@ func UpsertServerSettings(s models.ServerSettings) error {
 	if s.ClientSecret == Mask() {
 		s.ClientSecret = currSettings.ClientSecret
 	}
+
+	if servercfg.DeployedByOperator() {
+		s.BasicAuth = true
+	}
+
 	data, err := json.Marshal(s)
 	if err != nil {
 		return err
@@ -317,6 +322,10 @@ func GetManageDNS() bool {
 
 // IsBasicAuthEnabled - checks if basic auth has been configured to be turned off
 func IsBasicAuthEnabled() bool {
+	if servercfg.DeployedByOperator() {
+		return true
+	}
+
 	return GetServerSettings().BasicAuth
 }
 
diff --git a/servercfg/serverconf.go b/servercfg/serverconf.go
@@ -721,6 +721,10 @@ func GetEmqxRestEndpoint() string {
 
 // IsBasicAuthEnabled - checks if basic auth has been configured to be turned off
 func IsBasicAuthEnabled() bool {
+	if DeployedByOperator() {
+		return true
+	}
+
 	var enabled = true //default
 	if os.Getenv("BASIC_AUTH") != "" {
 		enabled = os.Getenv("BASIC_AUTH") == "yes"
