From e0512e093154a3e5eead67f0d2050f5c5c4d16f1 Mon Sep 17 00:00:00 2001 From: Dario Ghunney Ware Date: Tue, 21 Oct 2025 14:48:17 +0100 Subject: [PATCH] Enable access to tools with security disabled --- .../src/main/resources/application.properties | 6 ++-- .../configuration/SecurityConfiguration.java | 1 + frontend/src/auth/UseSession.tsx | 18 +++++++++++ frontend/src/auth/springAuthClient.ts | 30 +++++++++++++++++++ frontend/src/routes/Landing.tsx | 17 +++++++++-- 5 files changed, 66 insertions(+), 6 deletions(-) diff --git a/app/core/src/main/resources/application.properties b/app/core/src/main/resources/application.properties index 522ca8830..18e1f4f8a 100644 --- a/app/core/src/main/resources/application.properties +++ b/app/core/src/main/resources/application.properties @@ -2,10 +2,10 @@ multipart.enabled=true logging.level.org.springframework=WARN logging.level.org.hibernate=WARN logging.level.org.eclipse.jetty=WARN -logging.level.org.springframework.security.oauth2=DEBUG +#logging.level.org.springframework.security.oauth2=DEBUG #logging.level.org.springframework.security=DEBUG #logging.level.org.opensaml=DEBUG -logging.level.stirling.software.proprietary.security=DEBUG +#logging.level.stirling.software.proprietary.security=DEBUG logging.level.com.zaxxer.hikari=WARN spring.jpa.open-in-view=false server.forward-headers-strategy=NATIVE @@ -16,7 +16,7 @@ server.error.include-exception=true server.error.include-message=always #logging.level.org.springframework.web=DEBUG #logging.level.org.springframework=DEBUG -logging.level.org.springframework.security=DEBUG +#logging.level.org.springframework.security=DEBUG spring.servlet.multipart.max-file-size=2000MB spring.servlet.multipart.max-request-size=2000MB 
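Review bot: The second hunk leaves `server.error.include-exception=true` and `server.error.include-message=always` active right next to the logger it comments out, so error responses still return the exception class and message to any client. The commit subject suggests the app is now meant to be usable without a login, which would make that detail visible to anonymous callers as well. Consider `server.error.include-exception=false` and `server.error.include-message=never` as the shipped defaults. The DEBUG loggers are commented out rather than removed; a one-line comment such as `# enable only for local troubleshooting of auth flows` would explain why they are kept.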
diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java index 956dc44c6..89b300759 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java @@ -258,6 +258,7 @@ public class SecurityConfiguration { || trimmedUri.startsWith("/favicon") || trimmedUri.startsWith( "/api/v1/info/status") + || trimmedUri.startsWith("/api/v1/config") || trimmedUri.startsWith( "/api/v1/auth/register") || trimmedUri.startsWith( diff --git a/frontend/src/auth/UseSession.tsx b/frontend/src/auth/UseSession.tsx index 743d728f0..a0aa9d4cf 100644 --- a/frontend/src/auth/UseSession.tsx +++ b/frontend/src/auth/UseSession.tsx @@ -94,6 +94,24 @@ export function AuthProvider({ children }: { children: ReactNode }) { const initializeAuth = async () => { try { console.debug('[Auth] Initializing auth...'); + + // First check if login is enabled + const configResponse = await fetch('/api/v1/config/app-config'); + if (configResponse.ok) { + const config = await configResponse.json(); + + // If login is disabled, skip authentication entirely + if (config.enableLogin === false) { + console.debug('[Auth] Login disabled - skipping authentication'); + if (mounted) { + setSession(null); + setLoading(false); + } + return; + } + } + + // Login is enabled, proceed with normal auth check const { data, error } = await springAuth.getSession(); if (!mounted) return; diff --git a/frontend/src/auth/springAuthClient.ts b/frontend/src/auth/springAuthClient.ts index 697fe3184..e5091ba4d 100644 --- a/frontend/src/auth/springAuthClient.ts +++ b/frontend/src/auth/springAuthClient.ts 
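Review bot: The added `|| trimmedUri.startsWith("/api/v1/config")` is a prefix match, so it exempts every URI beginning with that string, not only the `/api/v1/config/app-config` endpoint the frontend calls in this commit. The surrounding chain appears to be the list of URIs treated as public, so any other handler under that prefix (none are visible here) would become reachable without authentication too. Narrowing the test to the one endpoint keeps the exemption minimal: `|| trimmedUri.startsWith("/api/v1/config/app-config")`. A comment on that line stating that the response must contain only non-sensitive settings would help future maintainers. The enclosing condition starts and ends outside the hunk.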
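Review bot: The config probe sits inside the same `try` as the session check, so a rejected `fetch` or a non-JSON body from `/api/v1/config/app-config` throws before `springAuth.getSession()` runs. A user with a valid session would then be handled by the `catch` (outside this hunk) instead of being signed in. Give the probe its own try/catch and fall through to the normal session check on any failure, so the default stays on the authenticated path. The parsed body is untyped; narrowing it to `{ enableLogin?: boolean }` documents the only field that is read. `initializeAuth` starts and ends outside the hunk.

```typescript
console.debug('[Auth] Initializing auth...');

// Probe the public config; any failure falls through to the session check
let loginDisabled = false;
try {
  const configResponse = await fetch('/api/v1/config/app-config');
  if (configResponse.ok) {
    const config: { enableLogin?: boolean } = await configResponse.json();
    loginDisabled = config.enableLogin === false;
  }
} catch (configError) {
  console.warn('[Auth] Could not read app config, continuing with session check', configError);
}

if (loginDisabled) {
  // … unchanged: debug log, setSession(null), setLoading(false), return …
}

// … unchanged: springAuth.getSession() and the rest of initializeAuth …
```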
@@ -433,5 +433,35 @@ export const isUserAnonymous = (user: User | null) => { return user?.is_anonymous === true; }; +/** + * Create an anonymous user object for use when login is disabled + * This provides a consistent User interface throughout the app + */ +export const createAnonymousUser = (): User => { + return { + id: 'anonymous', + email: 'anonymous@local', + username: 'Anonymous User', + role: 'USER', + enabled: true, + is_anonymous: true, + app_metadata: { + provider: 'anonymous', + }, + }; +}; + +/** + * Create an anonymous session for use when login is disabled + */ +export const createAnonymousSession = (): Session => { + return { + user: createAnonymousUser(), + access_token: '', + expires_in: Number.MAX_SAFE_INTEGER, + expires_at: Number.MAX_SAFE_INTEGER, + }; +}; + // Export auth client as default for convenience export default springAuth; \ No newline at end of file diff --git a/frontend/src/routes/Landing.tsx b/frontend/src/routes/Landing.tsx index 5246da504..0eb2ba091 100644 --- a/frontend/src/routes/Landing.tsx +++ b/frontend/src/routes/Landing.tsx 
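Review bot: `createAnonymousSession` returns an object shaped like a real login (`role: 'USER'`, `enabled: true`, a far-future `expires_at`) with an empty `access_token`, and its doc comment does not say that it is a display placeholder rather than a credential. None of the visible hunks call either helper (`UseSession.tsx` sets the session to `null` on the login-disabled path), so the first caller will have no guidance. Extend the doc comment with something like `Placeholder only: never send access_token to the backend and never use role for access decisions; check isUserAnonymous() first.` If `expires_at` is ever converted to a `Date`, `Number.MAX_SAFE_INTEGER` may fall outside the valid date range, which is worth confirming before the helper is used.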
@@ -1,26 +1,31 @@ -import { useMemo } from 'react' import { Navigate, useLocation } from 'react-router-dom' import { useAuth } from '../auth/UseSession' +import { useAppConfig } from '../hooks/useAppConfig' import HomePage from '../pages/HomePage' import Login from './Login' /** * Landing component - Smart router based on authentication status * + * If login is disabled: Show HomePage directly (anonymous mode) * If user is authenticated: Show HomePage * If user is not authenticated: Show Login or redirect to /login */ export default function Landing() { - const { session, loading } = useAuth() + const { session, loading: authLoading } = useAuth() + const { config, loading: configLoading } = useAppConfig() const location = useLocation() + const loading = authLoading || configLoading + console.log('[Landing] State:', { pathname: location.pathname, loading, hasSession: !!session, + loginEnabled: config?.enableLogin, }) - // Show loading while checking auth + // Show loading while checking auth and config if (loading) { return (
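Review bot: `console.log('[Landing] State:', …)` runs in the component body on every render and now also prints `loginEnabled`, while the branch added in the next hunk uses `console.debug`. The line should match that level: `console.debug('[Landing] State:', { … })`. Separately, only `config` and `loading` are read from `useAppConfig()` (its definition is not in this patch), so a failed config load looks the same as login being enabled. A short comment above `const loading = authLoading || configLoading` saying that this is the intended fail-closed default would make that explicit.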
@@ -34,6 +39,12 @@ export default function Landing() { ) } + // If login is disabled, show app directly (anonymous mode) + if (config?.enableLogin === false) { + console.debug('[Landing] Login disabled - showing app in anonymous mode') + return + } + // If we have a session, show the main app if (session) { return
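Review bot: `Landing` takes `enableLogin` from `useAppConfig()` while `AuthProvider` in `UseSession.tsx` takes it from its own `fetch('/api/v1/config/app-config')`, so the two can disagree. If the provider sees login disabled and sets the session to `null` but the hook's request fails, `config?.enableLogin === false` is false here and the user is sent to the login screen of an instance that has login turned off. Having the provider use the same hook, or expose the flag through `useAuth()`, would give one source of truth. A comment on this branch such as `// Routing only: access control for tool endpoints is enforced by the server` would also keep it from being read as an authorization check.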