diff --git a/backend/endpoints/auth.py b/backend/endpoints/auth.py
index acc71000f..2a8f839ed 100644
--- a/backend/endpoints/auth.py
+++ b/backend/endpoints/auth.py
@@ -1,7 +1,7 @@
from datetime import datetime, timedelta, timezone
from typing import Annotated, Final
-from config import OIDC_ENABLED, OIDC_REDIRECT_URI
+from config import DISABLE_USERPASS_LOGIN, OIDC_ENABLED, OIDC_REDIRECT_URI
from decorators.auth import oauth
from endpoints.forms.identity import OAuth2RequestForm
from endpoints.responses import MessageResponse
@@ -11,6 +11,7 @@ from exceptions.auth_exceptions import (
OIDCDisabledException,
OIDCNotConfiguredException,
UserDisabledException,
+ UserPassDisabledException,
)
from fastapi import Depends, HTTPException, Request, status
from fastapi.responses import RedirectResponse
@@ -45,6 +46,9 @@ def login(
MessageResponse: Standard message response
"""
+ if DISABLE_USERPASS_LOGIN:
+ raise UserPassDisabledException
+
user = auth_handler.authenticate_user(credentials.username, credentials.password)
if not user:
raise AuthCredentialsException
diff --git a/backend/exceptions/auth_exceptions.py b/backend/exceptions/auth_exceptions.py
index 66db919bf..e49c41fbb 100644
--- a/backend/exceptions/auth_exceptions.py
+++ b/backend/exceptions/auth_exceptions.py
@@ -1,5 +1,10 @@
from fastapi import HTTPException, status
+UserPassDisabledException = HTTPException(
+ status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+ detail="Username/password authentication disabled",
+)
+
AuthCredentialsException = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
diff --git a/frontend/src/views/Auth/Login.vue b/frontend/src/views/Auth/Login.vue
index 05f087fe1..2c3a65ff2 100644
--- a/frontend/src/views/Auth/Login.vue
+++ b/frontend/src/views/Auth/Login.vue
@@ -74,10 +74,10 @@ async function loginOIDC() {
-
+
-
+
-
-
-
- {{ t("login.or") }}
-
-
-
-
-
-
-
- mdi-key
-
-
-
-
- {{
- t("login.login-oidc", {
- oidc: oidcProvider || "OIDC",
- })
- }}
-
-
-
-
-
+
+
+
+ {{ t("login.or") }}
+
+
+
+
+
+
+
+ mdi-key
+
+
+
+
+ {{
+ t("login.login-oidc", {
+ oidc: oidcProvider || "OIDC",
+ })
+ }}
+
+
+
+
+