Amsterdam · 4c0n · Mar 11, 2025 · Mar 11, 2025 · Mar 11, 2025 · Mar 11, 2025
diff --git a/app/signals/apps/signals/tests/test_span_creation.py b/app/signals/apps/signals/tests/test_span_creation.py
@@ -42,7 +42,7 @@ def setUp(self):
 
     def test_span_creation(self):
         """
-        Test if the app succesfully creates spans by creating a
+        Test if the app successfully creates spans by creating a
         custom trace and performing a query inside it.
         """
 

diff --git a/app/signals/settings.py b/app/signals/settings.py
@@ -173,9 +173,12 @@ def is_super_user(user) -> bool:
 
 AUTHENTICATION_BACKENDS: list[str] = [
     'signals.admin.oidc.backends.AuthenticationBackend',
-    'django.contrib.auth.backends.ModelBackend',
 ]
 
+ADMIN_ENABLE_LOCAL_LOGIN: bool = os.getenv('ADMIN_ENABLE_LOCAL_LOGIN', False) in TRUE_VALUES
+if ADMIN_ENABLE_LOCAL_LOGIN:
+    AUTHENTICATION_BACKENDS.append("django.contrib.auth.backends.ModelBackend")
+
 LOGIN_REDIRECT_URL: str = '/signals/admin/'
 LOGIN_REDIRECT_URL_FAILURE: str = '/signals/oidc/login_failure/'
 LOGOUT_REDIRECT_URL: str = '/signals/admin/'

diff --git a/app/signals/templates/admin/login.html b/app/signals/templates/admin/login.html
@@ -56,6 +56,7 @@
 </p>
 {% endif %}
 
+{% if ADMIN_ENABLE_LOCAL_LOGIN %}
 <form action="{{ app_path }}" method="post" id="login-form">{% csrf_token %}
 <div class="form-row">
     {{ form.username.errors }}
@@ -66,16 +67,17 @@
     {{ form.password.label_tag }} {{ form.password }}
     <input type="hidden" name="next" value="{{ next }}">
 </div>
+<div class="submit-row">
+    <label>&nbsp;</label><input type="submit" value="{% trans 'Log in' %}">
+</div>
+</form>
+{% endif %}
 {% url 'admin_password_reset' as password_reset_url %}
 {% if password_reset_url %}
 <div class="password-reset-link">
     <a href="{{ password_reset_url }}">{% trans 'Forgotten your password or username?' %}</a>
 </div>
 {% endif %}
-<div class="submit-row">
-    <label>&nbsp;</label><input type="submit" value="{% trans 'Log in' %}">
-</div>
-</form>
 
 {% if OIDC_RP_CLIENT_ID %}
 <div class="sso">

diff --git a/docker-compose/environments/.api b/docker-compose/environments/.api
@@ -29,6 +29,7 @@ OIDC_OP_USER_ENDPOINT=http://keycloak:8002/realms/signals/protocol/openid-connec
 OIDC_OP_JWKS_ENDPOINT=http://keycloak:8002/realms/signals/protocol/openid-connect/certs
 OIDC_OP_ISSUER=http://localhost:8002/realms/signals
 OIDC_VERIFY_AUDIENCE=False
+OIDC_USE_NONCE=False
 SILK_ENABLED=False
 SILK_PROFILING_ENABLED=False
 SILK_AUTHENTICATION_ENABLED=False

diff --git a/docker-compose/environments/.test b/docker-compose/environments/.test
@@ -31,6 +31,7 @@ OIDC_OP_AUTHORIZATION_ENDPOINT=http://127.0.0.1:5556/auth
 OIDC_OP_TOKEN_ENDPOINT=http://dex:5556/token
 OIDC_OP_USER_ENDPOINT=http://dex:5556/userinfo
 OIDC_OP_JWKS_ENDPOINT=http://dex:5556/keys
+ADMIN_ENABLE_LOCAL_LOGIN=True
 SILK_ENABLED=False
 SILK_PROFILING_ENABLED=False
 SILK_AUTHENTICATION_ENABLED=False