From ff825d6123ecfd033ccb08ce97c11cefee676104 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Fri, 8 Mar 2019 18:40:43 +0200
Subject: [HTTP header automatic login. Not tested
 yet.](https://github.com/wekan/wekan/issues/2019).

Thanks to xet7 !

Related #2019
---
 client/components/main/layouts.js | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

(limited to 'client/components/main/layouts.js')

diff --git a/client/components/main/layouts.js b/client/components/main/layouts.js
index 6f7c914a..b3b95d32 100644
--- a/client/components/main/layouts.js
+++ b/client/components/main/layouts.js
@@ -101,8 +101,19 @@ Template.defaultLayout.events({
 });
 
 async function authentication(event, instance) {
-  const match = $('#at-field-username_and_email').val();
-  const password = $('#at-field-password').val();
+
+  // If header login id is set, use it for login
+  if (process.env.HEADER_LOGIN_ID) {
+    // Header username = Email address
+    const match = req.headers[process.env.HEADER_LOGIN_EMAIL];
+    // Header password = Login ID
+    const password = req.headers[process.env.HEADER_LOGIN_ID];
+    //const headerLoginFirstname = req.headers[process.env.HEADER_LOGIN_FIRSTNAME];
+    //const headerLoginLastname = req.headers[process.env.HEADER_LOGIN_LASTNAME];
+  } else {
+    const match = $('#at-field-username_and_email').val();
+    const password = $('#at-field-password').val();
+  }
 
   if (!match || !password) return;
 
@@ -110,9 +121,12 @@ async function authentication(event, instance) {
 
   if (result === 'password') return;
 
-  // Stop submit #at-pwd-form
-  event.preventDefault();
-  event.stopImmediatePropagation();
+  // If header login id is not set, don't try to login automatically.
+  if (!process.env.HEADER_LOGIN_ID) {
+    // Stop submit #at-pwd-form
+    event.preventDefault();
+    event.stopImmediatePropagation();
+  }
 
   switch (result) {
   case 'ldap':
-- 
cgit v1.2.3-1-g7c22