feat: Config options to disable GitHub authentication

.wiki/Configuration.md

@@ -24,6 +24,7 @@ Location: `backend/config/default.json`
 | `apis.youtube.quotas.limit` | YouTube API quota limit. |
 | `apis.recaptcha.secret` | ReCaptcha Site v3 secret, obtained from [here](https://www.google.com/recaptcha/admin). |
 | `apis.recaptcha.enabled` | Whether to enable ReCaptcha at email registration. |
+| `apis.github.enabled` | Whether to enable GitHub authentication. |
 | `apis.github.client` | GitHub OAuth Application client, obtained from [here](https://github.com/settings/developers). |
 | `apis.github.secret` | GitHub OAuth Application secret, obtained with client. |
 | `apis.github.redirect_uri` | The authorization callback url is the backend url with `/auth/github/authorize/callback` appended, for example `http://localhost/backend/auth/github/authorize/callback`. |

backend/config/template.json

@@ -37,6 +37,7 @@
 			"enabled": false
 		},
 		"github": {
+			"enabled": false,
 			"client": "",
 			"secret": "",
 			"redirect_uri": ""
@@ -113,5 +114,5 @@
 			]
 		}
 	},
-	"configVersion": 10
+	"configVersion": 11
 }

backend/index.js

@@ -6,7 +6,7 @@ import fs from "fs";
 
 import package_json from "./package.json" assert { type: "json" };
 
-const REQUIRED_CONFIG_VERSION = 10;
+const REQUIRED_CONFIG_VERSION = 11;
 
 // eslint-disable-next-line
 Array.prototype.remove = function (item) {

backend/logic/actions/users.js

@@ -1184,7 +1184,8 @@ export default {
 		return async.waterfall(
 			[
 				next => {
-					userModel.findOne({ _id: session.userId }, (err, user) => next(err, user));
+					if (!config.get("apis.github.enabled")) return next("GitHub authentication is disabled.");
+					return userModel.findOne({ _id: session.userId }, (err, user) => next(err, user));
 				},
 
 				(user, next) => {
@@ -2813,6 +2814,7 @@ export default {
 
 				(user, next) => {
 					if (!user) return next("Not logged in.");
+					if (!config.get("apis.github.enabled")) return next("Unlinking password is disabled.");
 					if (!user.services.github || !user.services.github.id)
 						return next("You can't remove password login without having GitHub login.");
 					return userModel.updateOne({ _id: session.userId }, { $unset: { "services.password": "" } }, next);

backend/logic/app.js

@@ -43,9 +43,7 @@ class _AppModule extends CoreClass {
 
 			const app = (this.app = express());
 			const SIDname = config.get("cookie.SIDname");
-			this.server = http
+			this.server = http.createServer(app).listen(config.get("serverPort"));
-				.createServer(app)
-				.listen(config.get("serverPort"));
 
 			app.use(cookieParser());
 
@@ -64,478 +62,399 @@ class _AppModule extends CoreClass {
 			app.use(cors(corsOptions));
 			app.options("*", cors(corsOptions));
 
-			const oauth2 = new OAuth2(
-				config.get("apis.github.client"),
-				config.get("apis.github.secret"),
-				"https://github.com/",
-				"login/oauth/authorize",
-				"login/oauth/access_token",
-				null
-			);
-
-			const redirectUri = `${config.get("apis.github.redirect_uri")}`;
-
 			/**
 			 * @param {object} res - response object from Express
 			 * @param {string} err - custom error message
 			 */
 			function redirectOnErr(res, err) {
-				res.redirect(
+				res.redirect(`${config.get("domain")}?err=${encodeURIComponent(err)}`);
-					`${config.get("domain")}?err=${encodeURIComponent(err)}`
-				);
 			}
 
-			app.get("/auth/github/authorize", async (req, res) => {
+			if (config.get("apis.github.enabled")) {
-				if (this.getStatus() !== "READY") {
+				const oauth2 = new OAuth2(
-					this.log(
+					config.get("apis.github.client"),
-						"INFO",
+					config.get("apis.github.secret"),
-						"APP_REJECTED_GITHUB_AUTHORIZE",
+					"https://github.com/",
-						`A user tried to use github authorize, but the APP module is currently not ready.`
+					"login/oauth/authorize",
-					);
+					"login/oauth/access_token",
-					return redirectOnErr(
+					null
-						res,
-						"Something went wrong on our end. Please try again later."
-					);
-				}
-
-				const params = [
-					`client_id=${config.get("apis.github.client")}`,
-					`redirect_uri=${config.get("apis.github.redirect_uri")}`,
-					`scope=user:email`
-				].join("&");
-				return res.redirect(
-					`https://github.com/login/oauth/authorize?${params}`
 				);
-			});
 
-			app.get("/auth/github/link", async (req, res) => {
+				const redirectUri = `${config.get("apis.github.redirect_uri")}`;
-				if (this.getStatus() !== "READY") {
-					this.log(
-						"INFO",
-						"APP_REJECTED_GITHUB_AUTHORIZE",
-						`A user tried to use github authorize, but the APP module is currently not ready.`
-					);
-					return redirectOnErr(
-						res,
-						"Something went wrong on our end. Please try again later."
-					);
-				}
 
-				const params = [
+				app.get("/auth/github/authorize", async (req, res) => {
-					`client_id=${config.get("apis.github.client")}`,
+					if (this.getStatus() !== "READY") {
-					`redirect_uri=${config.get("apis.github.redirect_uri")}`,
+						this.log(
-					`scope=user:email`,
+							"INFO",
-					`state=${req.cookies[SIDname]}`
+							"APP_REJECTED_GITHUB_AUTHORIZE",
-				].join("&");
+							`A user tried to use github authorize, but the APP module is currently not ready.`
-				return res.redirect(
+						);
-					`https://github.com/login/oauth/authorize?${params}`
+						return redirectOnErr(res, "Something went wrong on our end. Please try again later.");
-				);
+					}
-			});
 
-			app.get("/auth/github/authorize/callback", async (req, res) => {
+					const params = [
-				if (this.getStatus() !== "READY") {
+						`client_id=${config.get("apis.github.client")}`,
-					this.log(
+						`redirect_uri=${config.get("apis.github.redirect_uri")}`,
-						"INFO",
+						`scope=user:email`
-						"APP_REJECTED_GITHUB_AUTHORIZE",
+					].join("&");
-						`A user tried to use github authorize, but the APP module is currently not ready.`
+					return res.redirect(`https://github.com/login/oauth/authorize?${params}`);
-					);
+				});
 
-					return redirectOnErr(
+				app.get("/auth/github/link", async (req, res) => {
-						res,
+					if (this.getStatus() !== "READY") {
-						"Something went wrong on our end. Please try again later."
+						this.log(
-					);
+							"INFO",
-				}
+							"APP_REJECTED_GITHUB_AUTHORIZE",
+							`A user tried to use github authorize, but the APP module is currently not ready.`
+						);
+						return redirectOnErr(res, "Something went wrong on our end. Please try again later.");
+					}
 
-				const { code } = req.query;
+					const params = [
-				let accessToken;
+						`client_id=${config.get("apis.github.client")}`,
-				let body;
+						`redirect_uri=${config.get("apis.github.redirect_uri")}`,
-				let address;
+						`scope=user:email`,
+						`state=${req.cookies[SIDname]}`
+					].join("&");
+					return res.redirect(`https://github.com/login/oauth/authorize?${params}`);
+				});
+
+				app.get("/auth/github/authorize/callback", async (req, res) => {
+					if (this.getStatus() !== "READY") {
+						this.log(
+							"INFO",
+							"APP_REJECTED_GITHUB_AUTHORIZE",
+							`A user tried to use github authorize, but the APP module is currently not ready.`
+						);
 
-				const { state } = req.query;
+						return redirectOnErr(res, "Something went wrong on our end. Please try again later.");
+					}
 
-				const verificationToken = await UtilsModule.runJob(
+					const { code } = req.query;
-					"GENERATE_RANDOM_STRING",
+					let accessToken;
-					{ length: 64 }
+					let body;
-				);
+					let address;
 
-				return async.waterfall(
+					const { state } = req.query;
-					[
-						next => {
-							if (req.query.error)
-								return next(req.query.error_description);
-							return next();
-						},
 
-						next => {
+					const verificationToken = await UtilsModule.runJob("GENERATE_RANDOM_STRING", { length: 64 });
-							oauth2.getOAuthAccessToken(
-								code,
-								{ redirect_uri: redirectUri },
-								next
-							);
-						},
 
-						(_accessToken, refreshToken, results, next) => {
+					return async.waterfall(
-							if (results.error)
+						[
-								return next(results.error_description);
+							next => {
+								if (req.query.error) return next(req.query.error_description);
+								return next();
+							},
 
-							accessToken = _accessToken;
+							next => {
+								oauth2.getOAuthAccessToken(code, { redirect_uri: redirectUri }, next);
+							},
 
-							const options = {
+							(_accessToken, refreshToken, results, next) => {
-								headers: {
+								if (results.error) return next(results.error_description);
-									"User-Agent": "request",
-									Authorization: `token ${accessToken}`
-								}
-							};
 
-							return axios
+								accessToken = _accessToken;
-								.get("https://api.github.com/user", options)
-								.then(github => next(null, github))
-								.catch(err => next(err));
-						},
 
-						(github, next) => {
+								const options = {
-							if (github.status !== 200)
+									headers: {
-								return next(github.data.message);
+										"User-Agent": "request",
-
+										Authorization: `token ${accessToken}`
-							if (state) {
+									}
-								return async.waterfall(
+								};
-									[
+
-										next => {
+								return axios
-											CacheModule.runJob("HGET", {
+									.get("https://api.github.com/user", options)
-												table: "sessions",
+									.then(github => next(null, github))
-												key: state
+									.catch(err => next(err));
-											})
+							},
-												.then(session =>
+
-													next(null, session)
+							(github, next) => {
-												)
+								if (github.status !== 200) return next(github.data.message);
-												.catch(next);
+
-										},
+								if (state) {
-
+									return async.waterfall(
-										(session, next) => {
+										[
-											if (!session)
+											next => {
-												return next("Invalid session.");
+												CacheModule.runJob("HGET", {
-											return userModel.findOne(
+													table: "sessions",
-												{ _id: session.userId },
+													key: state
-												next
+												})
-											);
+													.then(session => next(null, session))
-										},
+													.catch(next);
-
+											},
-										(user, next) => {
+
-											if (!user)
+											(session, next) => {
-												return next("User not found.");
+												if (!session) return next("Invalid session.");
-											if (
+												return userModel.findOne({ _id: session.userId }, next);
-												user.services.github &&
+											},
-												user.services.github.id
+
-											)
+											(user, next) => {
-												return next(
+												if (!user) return next("User not found.");
-													"Account already has GitHub linked."
+												if (user.services.github && user.services.github.id)
-												);
+													return next("Account already has GitHub linked.");
-
+
-											return userModel.updateOne(
+												return userModel.updateOne(
-												{ _id: user._id },
+													{ _id: user._id },
-												{
+													{
-													$set: {
+														$set: {
-														"services.github": {
+															"services.github": {
-															id: github.data.id,
+																id: github.data.id,
-															access_token:
+																access_token: accessToken
-																accessToken
+															}
 														}
+													},
+													{ runValidators: true },
+													err => {
+														if (err) return next(err);
+														return next(null, user, github.data);
 													}
-												},
+												);
-												{ runValidators: true },
+											},
-												err => {
+
-													if (err) return next(err);
+											user => {
-													return next(
+												CacheModule.runJob("PUB", {
-														null,
+													channel: "user.linkGithub",
-														user,
+													value: user._id
-														github.data
+												});
-													);
+
-												}
+												CacheModule.runJob("PUB", {
-											);
+													channel: "user.updated",
-										},
+													value: { userId: user._id }
-
+												});
-										user => {
+
-											CacheModule.runJob("PUB", {
+												res.redirect(`${config.get("domain")}/settings?tab=security`);
-												channel: "user.linkGithub",
+											}
-												value: user._id
+										],
-											});
+										next
-
+									);
-											CacheModule.runJob("PUB", {
+								}
-												channel: "user.updated",
-												value: { userId: user._id }
-											});
-
-											res.redirect(
-												`${config.get(
-													"domain"
-												)}/settings?tab=security`
-											);
-										}
-									],
-									next
-								);
-							}
 
-							if (!github.data.id)
+								if (!github.data.id) return next("Something went wrong, no id.");
-								return next("Something went wrong, no id.");
 
-							return userModel.findOne(
+								return userModel.findOne({ "services.github.id": github.data.id }, (err, user) => {
-								{ "services.github.id": github.data.id },
-								(err, user) => {
 									next(err, user, github.data);
-								}
+								});
-							);
+							},
-						},
-
-						(user, _body, next) => {
-							body = _body;
 
-							if (user) {
+							(user, _body, next) => {
-								user.services.github.access_token = accessToken;
+								body = _body;
-								return user.save(() => next(true, user._id));
-							}
 
-							return userModel.findOne(
+								if (user) {
-								{
+									user.services.github.access_token = accessToken;
-									username: new RegExp(`^${body.login}$`, "i")
+									return user.save(() => next(true, user._id));
-								},
+								}
-								(err, user) => next(err, user)
-							);
-						},
 
-						(user, next) => {
+								return userModel.findOne(
-							if (user)
+									{
-								return next(
+										username: new RegExp(`^${body.login}$`, "i")
-									`An account with that username already exists.`
+									},
+									(err, user) => next(err, user)
 								);
+							},
 
-							return axios
+							(user, next) => {
-								.get("https://api.github.com/user/emails", {
+								if (user) return next(`An account with that username already exists.`);
-									headers: {
-										"User-Agent": "request",
-										Authorization: `token ${accessToken}`
-									}
-								})
-								.then(res => next(null, res.data))
-								.catch(err => next(err));
-						},
 
-						(body, next) => {
+								return axios
-							if (!Array.isArray(body)) return next(body.message);
+									.get("https://api.github.com/user/emails", {
-
+										headers: {
-							body.forEach(email => {
+											"User-Agent": "request",
-								if (email.primary)
+											Authorization: `token ${accessToken}`
-									address = email.email.toLowerCase();
+										}
-							});
+									})
+									.then(res => next(null, res.data))
+									.catch(err => next(err));
+							},
 
-							return userModel.findOne(
+							(body, next) => {
-								{ "email.address": address },
+								if (!Array.isArray(body)) return next(body.message);
-								next
-							);
-						},
 
-						(user, next) => {
+								body.forEach(email => {
-							UtilsModule.runJob("GENERATE_RANDOM_STRING", {
+									if (email.primary) address = email.email.toLowerCase();
-								length: 12
+								});
-							}).then(_id => next(null, user, _id));
-						},
-
-						(user, _id, next) => {
-							if (user) {
-								if (
-									Object.keys(
-										JSON.parse(user.services.github)
-									).length === 0
-								)
-									return next(
-										`An account with that email address exists, but is not linked to GitHub.`
-									);
-								return next(
-									`An account with that email address already exists.`
-								);
-							}
 
-							return next(null, {
+								return userModel.findOne({ "email.address": address }, next);
-								_id,
+							},
-								username: body.login,
+
-								name: body.name,
+							(user, next) => {
-								location: body.location,
+								UtilsModule.runJob("GENERATE_RANDOM_STRING", {
-								bio: body.bio,
+									length: 12
-								email: {
+								}).then(_id => next(null, user, _id));
-									address,
+							},
-									verificationToken
+
-								},
+							(user, _id, next) => {
-								services: {
+								if (user) {
-									github: {
+									if (Object.keys(JSON.parse(user.services.github)).length === 0)
-										id: body.id,
+										return next(
-										access_token: accessToken
+											`An account with that email address exists, but is not linked to GitHub.`
-									}
+										);
+									return next(`An account with that email address already exists.`);
 								}
-							});
-						},
-
-						// generate the url for gravatar avatar
-						(user, next) => {
-							UtilsModule.runJob("CREATE_GRAVATAR", {
-								email: user.email.address
-							}).then(url => {
-								user.avatar = { type: "gravatar", url };
-								next(null, user);
-							});
-						},
-
-						// save the new user to the database
-						(user, next) => {
-							userModel.create(user, next);
-						},
 
-						(user, next) => {
+								return next(null, {
-							MailModule.runJob("GET_SCHEMA", {
+									_id,
-								schemaName: "verifyEmail"
+									username: body.login,
-							}).then(verifyEmailSchema => {
+									name: body.name,
-								verifyEmailSchema(
+									location: body.location,
-									address,
+									bio: body.bio,
-									body.login,
+									email: {
-									user.email.verificationToken,
+										address,
-									err => {
+										verificationToken
-										next(err, user._id);
+									},
+									services: {
+										github: {
+											id: body.id,
+											access_token: accessToken
+										}
 									}
-								);
+								});
-							});
+							},
-						},
+
-
+							// generate the url for gravatar avatar
-						// create a liked songs playlist for the new user
+							(user, next) => {
-						(userId, next) => {
+								UtilsModule.runJob("CREATE_GRAVATAR", {
-							PlaylistsModule.runJob("CREATE_USER_PLAYLIST", {
+									email: user.email.address
-								userId,
+								}).then(url => {
-								displayName: "Liked Songs",
+									user.avatar = { type: "gravatar", url };
-								type: "user-liked"
+									next(null, user);
-							})
+								});
-								.then(likedSongsPlaylist => {
+							},
-									next(null, likedSongsPlaylist, userId);
+
+							// save the new user to the database
+							(user, next) => {
+								userModel.create(user, next);
+							},
+
+							(user, next) => {
+								MailModule.runJob("GET_SCHEMA", {
+									schemaName: "verifyEmail"
+								}).then(verifyEmailSchema => {
+									verifyEmailSchema(address, body.login, user.email.verificationToken, err => {
+										next(err, user._id);
+									});
+								});
+							},
+
+							// create a liked songs playlist for the new user
+							(userId, next) => {
+								PlaylistsModule.runJob("CREATE_USER_PLAYLIST", {
+									userId,
+									displayName: "Liked Songs",
+									type: "user-liked"
 								})
-								.catch(err => next(err));
+									.then(likedSongsPlaylist => {
-						},
+										next(null, likedSongsPlaylist, userId);
-
+									})
-						// create a disliked songs playlist for the new user
+									.catch(err => next(err));
-						(likedSongsPlaylist, userId, next) => {
+							},
-							PlaylistsModule.runJob("CREATE_USER_PLAYLIST", {
+
-								userId,
+							// create a disliked songs playlist for the new user
-								displayName: "Disliked Songs",
+							(likedSongsPlaylist, userId, next) => {
-								type: "user-disliked"
+								PlaylistsModule.runJob("CREATE_USER_PLAYLIST", {
-							})
+									userId,
-								.then(dislikedSongsPlaylist => {
+									displayName: "Disliked Songs",
-									next(
+									type: "user-disliked"
-										null,
+								})
-										{
+									.then(dislikedSongsPlaylist => {
+										next(
+											null,
+											{
+												likedSongsPlaylist,
+												dislikedSongsPlaylist
+											},
+											userId
+										);
+									})
+									.catch(err => next(err));
+							},
+
+							// associate liked + disliked songs playlist to the user object
+							({ likedSongsPlaylist, dislikedSongsPlaylist }, userId, next) => {
+								userModel.updateOne(
+									{ _id: userId },
+									{
+										$set: {
 											likedSongsPlaylist,
 											dislikedSongsPlaylist
-										},
+										}
-										userId
+									},
-									);
+									{ runValidators: true },
-								})
+									err => {
-								.catch(err => next(err));
+										if (err) return next(err);
-						},
+										return next(null, userId);
-
-						// associate liked + disliked songs playlist to the user object
-						(
-							{ likedSongsPlaylist, dislikedSongsPlaylist },
-							userId,
-							next
-						) => {
-							userModel.updateOne(
-								{ _id: userId },
-								{
-									$set: {
-										likedSongsPlaylist,
-										dislikedSongsPlaylist
 									}
-								},
-								{ runValidators: true },
-								err => {
-									if (err) return next(err);
-									return next(null, userId);
-								}
-							);
-						},
-
-						// add the activity of account creation
-						(userId, next) => {
-							ActivitiesModule.runJob("ADD_ACTIVITY", {
-								userId,
-								type: "user__joined",
-								payload: { message: "Welcome to Musare!" }
-							});
-
-							next(null, userId);
-						}
-					],
-					async (err, userId) => {
-						if (err && err !== true) {
-							err = await UtilsModule.runJob("GET_ERROR", {
-								error: err
-							});
-
-							this.log(
-								"ERROR",
-								"AUTH_GITHUB_AUTHORIZE_CALLBACK",
-								`Failed to authorize with GitHub. "${err}"`
-							);
-
-							return redirectOnErr(res, err);
-						}
-
-						const sessionId = await UtilsModule.runJob("GUID", {});
-						const sessionSchema = await CacheModule.runJob(
-							"GET_SCHEMA",
-							{
-								schemaName: "session"
-							}
-						);
-
-						return CacheModule.runJob("HSET", {
-							table: "sessions",
-							key: sessionId,
-							value: sessionSchema(sessionId, userId)
-						})
-							.then(() => {
-								const date = new Date();
-								date.setTime(
-									new Date().getTime() +
-										2 * 365 * 24 * 60 * 60 * 1000
 								);
+							},
+
+							// add the activity of account creation
+							(userId, next) => {
+								ActivitiesModule.runJob("ADD_ACTIVITY", {
+									userId,
+									type: "user__joined",
+									payload: { message: "Welcome to Musare!" }
+								});
 
-								res.cookie(SIDname, sessionId, {
+								next(null, userId);
-									expires: date,
+							}
-									secure: config.get("cookie.secure"),
+						],
-									path: "/",
+						async (err, userId) => {
-									domain: config.get("cookie.domain")
+							if (err && err !== true) {
+								err = await UtilsModule.runJob("GET_ERROR", {
+									error: err
 								});
 
 								this.log(
-									"INFO",
+									"ERROR",
 									"AUTH_GITHUB_AUTHORIZE_CALLBACK",
-									`User "${userId}" successfully authorized with GitHub.`
+									`Failed to authorize with GitHub. "${err}"`
 								);
 
-								res.redirect(`${config.get("domain")}/`);
+								return redirectOnErr(res, err);
+							}
+
+							const sessionId = await UtilsModule.runJob("GUID", {});
+							const sessionSchema = await CacheModule.runJob("GET_SCHEMA", {
+								schemaName: "session"
+							});
+
+							return CacheModule.runJob("HSET", {
+								table: "sessions",
+								key: sessionId,
+								value: sessionSchema(sessionId, userId)
 							})
-							.catch(err => redirectOnErr(res, err.message));
+								.then(() => {
-					}
+									const date = new Date();
-				);
+									date.setTime(new Date().getTime() + 2 * 365 * 24 * 60 * 60 * 1000);
-			});
+
+									res.cookie(SIDname, sessionId, {
+										expires: date,
+										secure: config.get("cookie.secure"),
+										path: "/",
+										domain: config.get("cookie.domain")
+									});
+
+									this.log(
+										"INFO",
+										"AUTH_GITHUB_AUTHORIZE_CALLBACK",
+										`User "${userId}" successfully authorized with GitHub.`
+									);
+
+									res.redirect(`${config.get("domain")}/`);
+								})
+								.catch(err => redirectOnErr(res, err.message));
+						}
+					);
+				});
+			}
 
 			app.get("/auth/verify_email", async (req, res) => {
 				if (this.getStatus() !== "READY") {
 					this.log(
 						"INFO",
-						"APP_REJECTED_GITHUB_AUTHORIZE",
+						"APP_REJECTED_VERIFY_EMAIL",
-						`A user tried to use github authorize, but the APP module is currently not ready.`
+						`A user tried to use verify email, but the APP module is currently not ready.`
-					);
-					return redirectOnErr(
-						res,
-						"Something went wrong on our end. Please try again later."
 					);
+					return redirectOnErr(res, "Something went wrong on our end. Please try again later.");
 				}
 
 				const { code } = req.query;
@@ -548,16 +467,12 @@ class _AppModule extends CoreClass {
 						},
 
 						next => {
-							userModel.findOne(
+							userModel.findOne({ "email.verificationToken": code }, next);
-								{ "email.verificationToken": code },
-								next
-							);
 						},
 
 						(user, next) => {
 							if (!user) return next("User not found.");
-							if (user.email.verified)
+							if (user.email.verified) return next("This email is already verified.");
-								return next("This email is already verified.");
 
 							return userModel.updateOne(
 								{ "email.verificationToken": code },
@@ -577,11 +492,7 @@ class _AppModule extends CoreClass {
 							if (typeof err === "string") error = err;
 							else if (err.message) error = err.message;
 
-							this.log(
+							this.log("ERROR", "VERIFY_EMAIL", `Verifying email failed. "${error}"`);
-								"ERROR",
-								"VERIFY_EMAIL",
-								`Verifying email failed. "${error}"`
-							);
 
 							return res.json({
 								status: "error",
@@ -589,17 +500,9 @@ class _AppModule extends CoreClass {
 							});
 						}
 
-						this.log(
+						this.log("INFO", "VERIFY_EMAIL", `Successfully verified email.`);
-							"INFO",
-							"VERIFY_EMAIL",
-							`Successfully verified email.`
-						);
 
-						return res.redirect(
+						return res.redirect(`${config.get("domain")}?msg=Thank you for verifying your email`);
-							`${config.get(
-								"domain"
-							)}?msg=Thank you for verifying your email`
-						);
 					}
 				);
 			});

frontend/dist/config/template.json

@@ -28,7 +28,8 @@
 		},
 		"mediasession": false,
 		"christmas": false,
-		"registrationDisabled": false
+		"registrationDisabled": false,
+		"githubAuthentication": false
 	},
 	"messages": {
 		"accountRemoval": "Your account will be deactivated instantly and your data will shortly be deleted by an admin."
@@ -53,5 +54,5 @@
 		"version": true
 	},
 	"skipConfigVersionCheck": false,
-	"configVersion": 12
+	"configVersion": 13
 }

frontend/src/App.vue

@@ -267,10 +267,12 @@ onMounted(async () => {
 			new Toast({ content: msg, timeout: 20000 });
 		}
 
-		if (localStorage.getItem("github_redirect")) {
+		lofig.get("siteSettings.githubAuthentication").then(enabled => {
-			router.push(localStorage.getItem("github_redirect"));
+			if (enabled && localStorage.getItem("github_redirect")) {
-			localStorage.removeItem("github_redirect");
+				router.push(localStorage.getItem("github_redirect"));
-		}
+				localStorage.removeItem("github_redirect");
+			}
+		});
 	});
 
 	if (localStorage.getItem("nightmode") === "true") {

frontend/src/components/modals/Login.vue

@@ -12,7 +12,10 @@ const password = ref({
 	visible: false
 });
 const apiDomain = ref("");
-const registrationDisabled = ref(false);
+const siteSettings = ref({
+	registrationDisabled: false,
+	githubAuthentication: false
+});
 const passwordElement = ref();
 
 const store = useStore();
@@ -66,9 +69,7 @@ const githubRedirect = () => {
 
 onMounted(async () => {
 	apiDomain.value = await lofig.get("backend.apiDomain");
-	registrationDisabled.value = await lofig.get(
+	siteSettings.value = await lofig.get("siteSettings");
-		"siteSettings.registrationDisabled"
-	);
 });
 </script>
 
@@ -149,6 +150,7 @@ onMounted(async () => {
 						Login
 					</button>
 					<a
+						v-if="siteSettings.githubAuthentication"
 						class="button is-github"
 						:href="apiDomain + '/auth/github/authorize'"
 						@click="githubRedirect()"
@@ -164,7 +166,7 @@ onMounted(async () => {
 				</div>
 
 				<p
-					v-if="!registrationDisabled"
+					v-if="!siteSettings.registrationDisabled"
 					class="content-box-optional-helper"
 				>
 					<a @click="changeToRegisterModal()">

frontend/src/components/modals/Register.vue

@@ -37,7 +37,10 @@ const recaptcha = ref({
 	enabled: false
 });
 const apiDomain = ref("");
-const registrationDisabled = ref(false);
+const siteSettings = ref({
+	registrationDisabled: false,
+	githubAuthentication: false
+});
 const passwordElement = ref();
 
 const store = useStore();
@@ -146,12 +149,12 @@ watch(
 
 onMounted(async () => {
 	apiDomain.value = await lofig.get("backend.apiDomain");
-	lofig.get("siteSettings.registrationDisabled").then(res => {
+	lofig.get("siteSettings").then(settings => {
-		if (res) {
+		if (settings.registrationDisabled) {
 			new Toast("Registration is disabled.");
 			closeCurrentModal();
 		} else {
-			registrationDisabled.value = res;
+			siteSettings.value = settings;
 		}
 	});
 
@@ -281,6 +284,7 @@ onMounted(async () => {
 						Register
 					</button>
 					<a
+						v-if="siteSettings.githubAuthentication"
 						class="button is-github"
 						:href="apiDomain + '/auth/github/authorize'"
 						@click="githubRedirect()"

frontend/src/components/modals/RemoveAccount.vue

@@ -35,6 +35,7 @@ const password = ref({
 	visible: false
 });
 const passwordElement = ref();
+const githubAuthentication = ref(false);
 
 const checkForAutofill = (cb, event) => {
 	if (
@@ -107,6 +108,9 @@ const remove = () =>
 onMounted(async () => {
 	apiDomain.value = await lofig.get("backend.apiDomain");
 	accountRemovalMessage.value = await lofig.get("messages.accountRemoval");
+	githubAuthentication.value = await lofig.get(
+		"siteSettings.githubAuthentication"
+	);
 
 	if (githubLinkConfirmed.value === true) confirmGithubLink();
 });
@@ -160,7 +164,10 @@ onMounted(async () => {
 			<div
 				class="content-box"
 				id="password-linked"
-				v-if="step === 'confirm-identity' && isPasswordLinked"
+				v-if="
+					step === 'confirm-identity' &&
+					(isPasswordLinked || !githubAuthentication)
+				"
 			>
 				<h2 class="content-box-title">Enter your password</h2>
 				<p class="content-box-description">
@@ -217,7 +224,11 @@ onMounted(async () => {
 
 			<div
 				class="content-box"
-				v-else-if="isGithubLinked && step === 'confirm-identity'"
+				v-else-if="
+					githubAuthentication &&
+					isGithubLinked &&
+					step === 'confirm-identity'
+				"
 			>
 				<h2 class="content-box-title">Verify your GitHub</h2>
 				<p class="content-box-description">
@@ -237,7 +248,10 @@ onMounted(async () => {
 				</div>
 			</div>
 
-			<div class="content-box" v-if="step === 'relink-github'">
+			<div
+				class="content-box"
+				v-if="githubAuthentication && step === 'relink-github'"
+			>
 				<h2 class="content-box-title">Re-link GitHub</h2>
 				<p class="content-box-description">
 					Re-link your GitHub account in order to verify your

frontend/src/main.ts

@@ -16,7 +16,7 @@ const defaultConfigURL = new URL(
 	import.meta.url
 ).toString();
 
-const REQUIRED_CONFIG_VERSION = 12;
+const REQUIRED_CONFIG_VERSION = 13;
 
 lofig.folder = defaultConfigURL;
 

frontend/src/pages/Settings/Tabs/Security.vue

@@ -22,7 +22,10 @@ const store = useStore();
 const { socket } = store.state.websockets;
 
 const apiDomain = ref("");
-const sitename = ref("Musare");
+const siteSettings = ref({
+	sitename: "Musare",
+	githubAuthentication: false
+});
 const validation = reactive({
 	oldPassword: {
 		value: "",
@@ -107,7 +110,7 @@ const removeSessions = () => {
 
 onMounted(async () => {
 	apiDomain.value = await lofig.get("backend.apiDomain");
-	sitename.value = await lofig.get("siteSettings.sitename");
+	siteSettings.value = await lofig.get("siteSettings");
 });
 
 watch(validation, newValidation => {
@@ -227,10 +230,10 @@ watch(validation, newValidation => {
 			<div class="section-margin-bottom" />
 		</div>
 
-		<div v-if="!isGithubLinked">
+		<div v-if="!isGithubLinked && siteSettings.githubAuthentication">
 			<h4 class="section-title">Link your GitHub account</h4>
 			<p class="section-description">
-				Link your {{ sitename }} account with GitHub
+				Link your {{ siteSettings.sitename }} account with GitHub
 			</p>
 
 			<hr class="section-horizontal-rule" />
@@ -255,7 +258,7 @@ watch(validation, newValidation => {
 
 			<div class="row">
 				<quick-confirm
-					v-if="isPasswordLinked"
+					v-if="isPasswordLinked && siteSettings.githubAuthentication"
 					@confirm="unlinkPassword()"
 				>
 					<a class="button is-danger">