Allow configuration to disable the username and password login interface.

Used for when admins only want users to login via OAuth.

pkg/api/login.go

@@ -29,6 +29,7 @@ func LoginView(c *middleware.Context) {
 	viewData.Settings["githubAuthEnabled"] = setting.OAuthService.GitHub
 	viewData.Settings["disableUserSignUp"] = !setting.AllowUserSignUp
 	viewData.Settings["loginHint"] = setting.LoginHint
+	viewData.Settings["oauthOnly"] = setting.DisableUserPassLogin
 
 	if !tryLoginUsingRememberCookie(c) {
 		c.HTML(200, VIEW_INDEX, viewData)

pkg/setting/setting.go

@@ -82,13 +82,14 @@ var (
 	ExternalEnabled      bool
 
 	// User settings
-	AllowUserSignUp    bool
-	AllowUserOrgCreate bool
-	AutoAssignOrg      bool
-	AutoAssignOrgRole  string
-	VerifyEmailEnabled bool
-	LoginHint          string
-	DefaultTheme       string
+	AllowUserSignUp      bool
+	AllowUserOrgCreate   bool
+	AutoAssignOrg        bool
+	AutoAssignOrgRole    string
+	VerifyEmailEnabled   bool
+	LoginHint            string
+	DefaultTheme         string
+	DisableUserPassLogin bool
 
 	// Http auth
 	AdminUser     string
@@ -485,6 +486,7 @@ func NewConfigContext(args *CommandLineArgs) error {
 	VerifyEmailEnabled = users.Key("verify_email_enabled").MustBool(false)
 	LoginHint = users.Key("login_hint").String()
 	DefaultTheme = users.Key("default_theme").String()
+	DisableUserPassLogin = users.Key("disable_user_pass_login").MustBool(false)
 
 	// anonymous access
 	AnonymousEnabled = Cfg.Section("auth.anonymous").Key("enabled").MustBool(false)

public/app/core/controllers/login_ctrl.js

@@ -18,6 +18,7 @@ function (angular, coreModule, config) {
     $scope.googleAuthEnabled = config.googleAuthEnabled;
     $scope.githubAuthEnabled = config.githubAuthEnabled;
     $scope.oauthEnabled = config.githubAuthEnabled || config.googleAuthEnabled;
+    $scope.oauthOnly = config.oauthOnly;
     $scope.disableUserSignUp = config.disableUserSignUp;
     $scope.loginHint     = config.loginHint;
 

public/app/partials/login.html

@@ -17,7 +17,7 @@
 				</button>
 			</div>
 
-      <form name="loginForm" class="login-form gf-form-group">
+      <form name="loginForm" class="login-form gf-form-group" ng-if="!oauthOnly">
 				<div class="gf-form" ng-if="loginMode">
 					<span class="gf-form-label width-7">User</span>
 					<input type="text" name="username" class="gf-form-input max-width-14" required ng-model='formModel.user' placeholder={{loginHint}}>
@@ -40,7 +40,7 @@
 			</form>
 
 			<div ng-if="loginMode">
-				<div class="text-center login-divider" ng-if="oauthEnabled">
+				<div class="text-center login-divider" ng-if="oauthEnabled && !oauthOnly">
 					<div class="login-divider-line">
 						<span class="login-divider-text">
 							Or login with
@@ -64,7 +64,7 @@
 
 			<div class="clearfix"></div>
 
-			<div class="text-center password-recovery">
+			<div class="text-center password-recovery" ng-if="!oauthOnly">
 				<div class="text-center">
 					<a href="user/password/send-reset-email">
 						Forgot your password?