From 05d536f9d18dcc82d7cdf0b0fa75e3cc171d1923 Mon Sep 17 00:00:00 2001
From: Kyle M Hall <kyle@bywatersolutions.com>
Date: Fri, 31 Mar 2023 11:54:22 -0400
Subject: [PATCH] Add passwordless mode that supports SIP and regular logins
 #291

---
 CHANGELOG.md                                           |  6 ++++++
 lib/Libki.pm                                           |  4 ++--
 lib/Libki/Controller/API/Client/v1_0.pm                |  6 +++++-
 lib/Libki/Controller/Administration/Settings.pm        |  2 +-
 lib/Libki/SIP.pm                                       |  2 +-
 .../dynamic/templates/administration/settings/index.tt | 10 ++++++++++
 6 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4a7ecf5b..b1d46db2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+
+## [4.6.0] [r23.04]
+### Added
+- Add passwordless mode that supports SIP and regular logins
+
+## [4.5.0] [r23.03]
 ### Added
 - Add basic prometheus metrics for counting sessions, clients and logins ( in addition to default metrics )
 - Add ability to set client logo URL, height and width from the server
diff --git a/lib/Libki.pm b/lib/Libki.pm
index f60cee86..8958e8d1 100644
--- a/lib/Libki.pm
+++ b/lib/Libki.pm
@@ -11,7 +11,7 @@ use DateTime::Format::MySQL;
 use DateTime;
 use File::Slurp;
 
-our $VERSION = '4.4.0';
+our $VERSION = '4.5.0';
 
 # Set flags and add plugins for the application.
 #
@@ -40,7 +40,7 @@ use Catalyst qw(
   Session::State::Cookie
 
   StatusMessage
-  
+
   Breadcrumbs
   LibkiSetting
 
diff --git a/lib/Libki/Controller/API/Client/v1_0.pm b/lib/Libki/Controller/API/Client/v1_0.pm
index f3fd99f8..dfe7ec3e 100644
--- a/lib/Libki/Controller/API/Client/v1_0.pm
+++ b/lib/Libki/Controller/API/Client/v1_0.pm
@@ -130,7 +130,10 @@ sub index : Path : Args(0) {
             status                     => $client->status,
             ClientBehavior             => $c->stash->{Settings}->{ClientBehavior},
             ReservationShowUsername    => $c->stash->{Settings}->{ReservationShowUsername},
-            EnableClientSessionLocking => $c->stash->{Settings}->{EnableClientSessionLocking},
+
+            EnableClientSessionLocking   => $c->stash->{Settings}->{EnableClientSessionLocking},
+            EnableClientPasswordlessMode => $c->stash->{Settings}->{EnableClientPasswordlessMode},
+
             TermsOfService             => decode( 'UTF-8', $c->stash->{Settings}->{TermsOfService} ),
             TermsOfServiceDetails      => decode( 'UTF-8', $c->stash->{Settings}->{TermsOfServiceDetails} ),
 
@@ -247,6 +250,7 @@ sub index : Path : Args(0) {
             ## Process client requests
             if ($success) {
                 if (
+                    $c->setting('EnableClientPasswordlessMode') ||
                     $c->authenticate(
                         {
                             username => $username,
diff --git a/lib/Libki/Controller/Administration/Settings.pm b/lib/Libki/Controller/Administration/Settings.pm
index da42d4b0..d15010b9 100644
--- a/lib/Libki/Controller/Administration/Settings.pm
+++ b/lib/Libki/Controller/Administration/Settings.pm
@@ -67,7 +67,7 @@ sub update :Local :Args(0) {
     }
 
     # Checkboxes need to be converted to boolean values
-    foreach my $pref ( qw( EnableClientSessionLocking TimeAllowanceByLocation ) ) {
+    foreach my $pref ( qw( EnableClientSessionLocking TimeAllowanceByLocation EnableClientPasswordlessMode ) ) {
         $c->model('DB::Setting')->update_or_create(
             {
                 instance => $instance,
diff --git a/lib/Libki/SIP.pm b/lib/Libki/SIP.pm
index 00b7e87f..8935ec85 100644
--- a/lib/Libki/SIP.pm
+++ b/lib/Libki/SIP.pm
@@ -218,7 +218,7 @@ sub authenticate_via_sip {
 
     $log->debug("ILS verifies $username exists");
 
-    unless ( $config->{SIP}->{no_password_check} || $admin_auth ) {
+    unless ( $c->setting('EnableClientPasswordlessMode') || $config->{SIP}->{no_password_check} || $admin_auth ) {
         if ( CORE::index( $data, 'CQY' ) == -1 ) {
             return {
                 success => 0,
diff --git a/root/dynamic/templates/administration/settings/index.tt b/root/dynamic/templates/administration/settings/index.tt
index b99fdafc..ca34361d 100644
--- a/root/dynamic/templates/administration/settings/index.tt
+++ b/root/dynamic/templates/administration/settings/index.tt
@@ -268,6 +268,16 @@
                     </div>
                 </fieldset>
 
+                <fieldset>
+                    <legend>[% c.loc("Client passwordless mode") %]</legend>
+
+                    <div class="form-group">
+                        <input  id="EnableClientPasswordlessMode" name="EnableClientPasswordlessMode" type="checkbox" [% IF EnableClientPasswordlessMode %]checked="checked"[% END %]>
+                        <label for="EnableClientPasswordlessMode">[% c.loc("Enable passwordless mode for clients") %]</label>
+                        <small class="form-text text-muted">[% c.loc("If enabled, passwords will not be checked for client logins and the password field will be hidden in client v2.2.22 or later.") %]</small>
+                    </div>
+                </fieldset>
+
                 <fieldset>
                     <legend>[% c.loc("Client registration") %]</legend>