Skip to content

Disable demo auth when SSO providers are configured #77

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
initstring merged 2 commits into from
Jan 17, 2026
Merged

Disable demo auth when SSO providers are configured #77

initstring merged 2 commits into from
Jan 17, 2026
+28 −20

Conversation

@initstring
Copy link
Owner

@initstring initstring commented Jan 17, 2026

Motivation

  • Prevent the insecure demo login from remaining enabled when any SSO provider is configured, reducing risk of accidental public demo access.
  • Align provider registration to the validated env surface so server-side feature gating uses the same canonical env values.

Description

  • Compute ssoProvidersEnabled and make demoModeEnabled require no SSO in src/server/auth/config.ts, and register providers using env.* instead of process.env.*.
  • Update the sign-in page src/app/(public-routes)/auth/signin/page.tsx to hide the demo button when any SSO provider is enabled by computing ssoEnabled and gating demoEnabled accordingly.
  • Add a short note to docs/installation.md explaining that demo mode is automatically disabled when any SSO provider is configured.

Testing

  • No automated tests were run as part of this change.

Codex Task

@initstring
Copy link
Owner Author

initstring commented Jan 17, 2026

@codex review

@chatgpt-codex-connector
Copy link

chatgpt-codex-connector bot commented Jan 17, 2026

Codex Review: Didn't find any major issues. You're on a roll.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@initstring initstring merged commit 7dd574d into main Jan 17, 2026
5 checks passed
@initstring initstring deleted the codex/disable-demo-mode-with-sso-providers branch January 17, 2026 10:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@initstring