From 3cf5bc8b7603b9958f31d173e4e268ef607a23fb Mon Sep 17 00:00:00 2001
From: Thomas Miceli <tho.miceli@gmail.com>
Date: Thu, 4 May 2023 11:48:26 +0200
Subject: [PATCH 1/2] First account registering with OAuth is now admin

---
 internal/web/auth.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/internal/web/auth.go b/internal/web/auth.go
index 5e07826..9bc8d58 100644
--- a/internal/web/auth.go
+++ b/internal/web/auth.go
@@ -178,6 +178,12 @@ func oauthCallback(ctx echo.Context) error {
 			return errorRes(500, "Cannot create user", err)
 		}
 
+		if userDB.ID == 1 {
+			if err = userDB.SetAdmin(); err != nil {
+				return errorRes(500, "Cannot set user admin", err)
+			}
+		}
+
 		var resp *http.Response
 		switch user.Provider {
 		case "github":

From 49807d04c776ee23d4f92e7c21f40dc7e92ee1eb Mon Sep 17 00:00:00 2001
From: Thomas Miceli <tho.miceli@gmail.com>
Date: Sat, 6 May 2023 18:53:59 +0200
Subject: [PATCH 2/2] Disable login form via admin panel

---
 internal/web/auth.go             | 10 ++++++++++
 public/admin.ts                  |  1 +
 templates/pages/admin_index.html |  6 +++++-
 templates/pages/auth_form.html   | 16 ++++++++++------
 4 files changed, 26 insertions(+), 7 deletions(-)

diff --git a/internal/web/auth.go b/internal/web/auth.go
index 9bc8d58..9861d8c 100644
--- a/internal/web/auth.go
+++ b/internal/web/auth.go
@@ -26,6 +26,7 @@ var title = cases.Title(language.English)
 func register(ctx echo.Context) error {
 	setData(ctx, "title", "New account")
 	setData(ctx, "htmlTitle", "New account")
+	setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
 	return html(ctx, "auth_form.html")
 }
 
@@ -34,6 +35,10 @@ func processRegister(ctx echo.Context) error {
 		return errorRes(403, "Signing up is disabled", nil)
 	}
 
+	if getData(ctx, "DisableLoginForm") == true {
+		return errorRes(403, "Signing up via registration form is disabled", nil)
+	}
+
 	setData(ctx, "title", "New account")
 	setData(ctx, "htmlTitle", "New account")
 
@@ -81,10 +86,15 @@ func processRegister(ctx echo.Context) error {
 func login(ctx echo.Context) error {
 	setData(ctx, "title", "Login")
 	setData(ctx, "htmlTitle", "Login")
+	setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
 	return html(ctx, "auth_form.html")
 }
 
 func processLogin(ctx echo.Context) error {
+	if getData(ctx, "DisableLoginForm") == true {
+		return errorRes(403, "Logging in via login form is disabled", nil)
+	}
+
 	var err error
 	sess := getSession(ctx)
 
diff --git a/public/admin.ts b/public/admin.ts
index d980530..4dffe80 100644
--- a/public/admin.ts
+++ b/public/admin.ts
@@ -1,6 +1,7 @@
 document.addEventListener('DOMContentLoaded', () => {
     registerDomSetting(document.getElementById('disable-signup') as HTMLInputElement);
     registerDomSetting(document.getElementById('require-login') as HTMLInputElement);
+    registerDomSetting(document.getElementById('disable-login-form') as HTMLInputElement);
 });
 
 const setSetting = (key: string, value: string) => {
diff --git a/templates/pages/admin_index.html b/templates/pages/admin_index.html
index c8fe35c..d59e0d9 100644
--- a/templates/pages/admin_index.html
+++ b/templates/pages/admin_index.html
@@ -84,9 +84,13 @@
                     <input type="checkbox" id="disable-signup" name="disable-signup" {{ if .DisableSignup }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" />
                 </div>
                 <div>
-                    <label for="disable-signup" class="text-sm text-slate-300">Login required</label>
+                    <label for="require-login" class="text-sm text-slate-300">Require login</label>
                     <input type="checkbox" id="require-login" name="require-login" {{ if .RequireLogin }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" />
                 </div>
+                <div>
+                    <label for="disable-login-form" class="text-sm text-slate-300">Disable login form</label>
+                    <input type="checkbox" id="disable-login-form" name="disable-login-form" {{ if .DisableLoginForm }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" />
+                </div>
             </div>
         </div>
     </div>
diff --git a/templates/pages/auth_form.html b/templates/pages/auth_form.html
index 6b83e25..d26db93 100644
--- a/templates/pages/auth_form.html
+++ b/templates/pages/auth_form.html
@@ -14,6 +14,8 @@
         <div class="sm:col-span-6">
             <div class="mt-8  sm:w-full sm:max-w-md">
                 <div class="bg-gray-900 rounded-md border border-1 border-gray-700 py-8 px-4 shadow sm:rounded-lg sm:px-10">
+
+                    {{ if not .disableForm }}
                     <form class="space-y-6" action="#" method="post">
                         <div>
                             <label for="username" class="block text-sm font-medium text-slate-300"> Username </label>
@@ -48,14 +50,16 @@
                         {{ end }}
                         {{ .csrfHtml }}
                     </form>
-
+                    {{ end }}
                     {{ if or .githubOauth .giteaOauth }}
-                        <div class="relative my-4">
-                            <div class="absolute inset-0 flex items-center" aria-hidden="true">
-                                <div class="w-full border-t border-gray-700"></div>
+                        {{ if not .disableForm }}
+                            <div class="relative my-4">
+                                <div class="absolute inset-0 flex items-center" aria-hidden="true">
+                                    <div class="w-full border-t border-gray-700"></div>
+                                </div>
                             </div>
-                        </div>
-                        <br />
+                            <br />
+                        {{ end }}
                         <div>
                             {{ if .githubOauth }}
                                 <a href="/oauth/github" class="block w-full mb-2 text-center whitespace-nowrap text-slate-300{{ if .syncReposFromFS }} text-slate-500 cursor-not-allowed {{ end }}rounded border border-gray-600 bg-gray-800 px-2.5 py-2 text-xs font-medium text-white shadow-sm hover:bg-gray-700 hover:border-gray-500 hover:text-slate-300 focus:outline-none focus:ring-1 focus:border-primary-500 focus:ring-primary-500 leading-3">