feat: add flag to disable password auth (#5991)

Adds a flag --disable-password-auth that prevents the password login endpoint from working unless the user has the "owner" (aka. site admin) role. Adds a subcommand `coder server create-admin-user` which creates a user directly in the database with the "owner" role, the "admin" role in every organization, and password auth. This is to avoid lock-out situations where all accounts have the login type set to an identity provider and nobody can login.
2025-07-12 00:14:10 +00:00 · 2023-02-07 01:58:21 +11:00
parent 968d7e4dc5
commit 4fe221a700
21 changed files with 1352 additions and 542 deletions
--- a/cli/deployment/config.go
+++ b/cli/deployment/config.go
@ -550,6 +550,12 @@ func newConfig() *codersdk.DeploymentConfig {
 			Flag:    "disable-session-expiry-refresh",
 			Default: false,
 		},
+		DisablePasswordAuth: &codersdk.DeploymentConfigField[bool]{
+			Name:    "Disable Password Authentication",
+			Usage:   "Disable password authentication. This is recommended for security purposes in production deployments that rely on an identity provider. Any user with the owner role will be able to sign in with their password regardless of this setting to avoid potential lock out. If you are locked out of your account, you can use the `coder server create-admin` command to create a new admin user directly in the database.",
+			Flag:    "disable-password-auth",
+			Default: false,
+		},
 	}
 }