allow disabling authentication for server version, closes #1132

zadam 2020-08-29 00:11:50 +02:00
parent 2823bf3488
commit 7fb22d41a0
3 changed files with 13 additions and 4 deletions


@ -2,6 +2,9 @@
# Instance name can be used to distinguish between different instances
instanceName=
# set to true to allow using Trilium without authentication (makes sense for server build only, desktop build doesn't need password)
noAuthentication=false
# Disable automatically generating desktop icon
# noDesktopIcon=true
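Review bot: The comment on `noAuthentication` does not say what is exposed when the option is set to true. Going by the other files in this commit, the flag switches off the session check for pages, the API and the WebSocket, so anyone who can reach the port can read and modify every note. I would extend the comment, for example `# WARNING: when true, anyone who can reach the server has full access; enable only behind a reverse proxy, VPN or other layer that authenticates users`.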


@ -6,12 +6,15 @@ const sqlInit = require('./sql_init');
const utils = require('./utils');
const passwordEncryptionService = require('./password_encryption');
const optionService = require('./options');
const config = require('./config');
const noAuthentication = config.General && config.General.noAuthentication === true;
function checkAuth(req, res, next) {
if (!sqlInit.isDbInitialized()) {
res.redirect("setup");
}
else if (!req.session.loggedIn && !utils.isElectron()) {
else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
res.redirect("login");
}
else {
@ -22,7 +25,7 @@ function checkAuth(req, res, next) {
// for electron things which need network stuff
// currently we're doing that for file upload because handling form data seems to be difficult
function checkApiAuthOrElectron(req, res, next) {
if (!req.session.loggedIn && !utils.isElectron()) {
if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
reject(req, res, "Not authorized");
}
else {
@ -31,7 +34,7 @@ function checkApiAuthOrElectron(req, res, next) {
}
function checkApiAuth(req, res, next) {
if (!req.session.loggedIn) {
if (!req.session.loggedIn && !noAuthentication) {
reject(req, res, "Not authorized");
}
else {
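Review bot: Nothing here signals that the server is running open when `noAuthentication` is true, although `checkAuth`, `checkApiAuthOrElectron` and `checkApiAuth` then pass every request without a session. The value is read once at module load, so that is a natural place to emit a single warning that authentication is disabled, which makes an accidental setting visible in the logs. The strict `=== true` comparison also relies on the config loader delivering a boolean rather than the string `"true"`; a short comment next to the constant stating that assumption would help. All three function bodies continue outside the hunks.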


@ -3,6 +3,7 @@ const utils = require('./utils');
const log = require('./log');
const sql = require('./sql');
const cls = require('./cls');
const config = require('./config');
const syncMutexService = require('./sync_mutex');
const protectedSessionService = require('./protected_session');
@ -12,7 +13,9 @@ function init(httpServer, sessionParser) {
webSocketServer = new WebSocket.Server({
verifyClient: (info, done) => {
sessionParser(info.req, {}, () => {
const allowed = utils.isElectron() || info.req.session.loggedIn;
const allowed = utils.isElectron()
|| info.req.session.loggedIn
|| (config.General && config.General.noAuthentication);
if (!allowed) {
log.error("WebSocket connection not allowed because session is neither electron nor logged in.");
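Review bot: The condition added to `verifyClient` is a truthiness test, `config.General.noAuthentication`, while the HTTP guards in this commit compare with `=== true`. If the config value ever arrives as a non-empty string, `noAuthentication=false` would be truthy here, and WebSocket connections would be accepted without a session while the HTTP routes still require login. Use the same strict form, `|| (config.General && config.General.noAuthentication === true);`, or better, export one shared constant from the auth module so the two checks cannot drift apart. The body of `init` continues outside the hunk.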