add Config::DISABLE_LOGIN_FORM to allow limiting logins to SSO providers

author: Andrew Dolgov <fox@fakecake.org> 2025-03-14 11:32:46 +0300
committer: Andrew Dolgov <fox@fakecake.org> 2025-03-14 11:43:25 +0300
commit: d373c1f978b4e4aae0b17ae696e73d46ffd40aee (patch)
tree: 6299d4f3cac0238fb158d1f839d9e4bfc90f18c3 /classes/Handler_Public.php
parent: 1fc4eed6cd9d887b52ea09bab6bd1ff75c79c25c (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/classes/Handler_Public.php b/classes/Handler_Public.php
index efa26646b..abff08376 100644
--- a/classes/Handler_Public.php
+++ b/classes/Handler_Public.php
@@ -431,6 +431,13 @@ class Handler_Public extends Handler {
 	}
 
 	function forgotpass(): void {
+		if (Config::get(Config::DISABLE_LOGIN_FORM) || !str_contains(Config::get(Config::PLUGINS), "auth_internal")) {
+			header($_SERVER["SERVER_PROTOCOL"]." 403 Forbidden");
+			echo "Forbidden.";
+
+			return;
+		}
+
 		startup_gettext();
 		session_start();
author	Andrew Dolgov <fox@fakecake.org>	2025-03-14 11:32:46 +0300
committer	Andrew Dolgov <fox@fakecake.org>	2025-03-14 11:43:25 +0300
commit	d373c1f978b4e4aae0b17ae696e73d46ffd40aee (patch)
tree	6299d4f3cac0238fb158d1f839d9e4bfc90f18c3 /classes/Handler_Public.php
parent	1fc4eed6cd9d887b52ea09bab6bd1ff75c79c25c (diff)