Force GUEST to login.

[icsy7867]

Unfortunately I do not know anything about typescript and I am trying to take a stab, but not working, so I thought I would post the idea here and see if someone smarter than me knew of a way to make it work.

I noticed on the login window, it already supports a callbackUrl which is awesome. So I was hoping to add something simple (Apologies for my pseudo code):

  if (process.env.OIDC_ENABLED === "true" && ctx.session.user.isGuest) {

    //get currentl URL and URL Encode it
    const URL = encodeURI(window.location.href)

    //Automatically redirect to the login page with the current URL as the callback URL
    window.location.href = 'login?callbackUrl={URL}';
  }

You might also want another environment variable for "OIDC_FORCELOGIN" or "DISABLE_GUEST" or something like that as well. But this would be hugely helpful for my internal only deployment. Since most all of our logins are already secured with OIDC/ADFS, logins should pass through without needing authentication.

Ideally, it would be even better to, instead of going to the static login page, to just go through the OIDC process.

[lukevella]

I think this is a duplicate of #948

[icsy7867]

It's a little different.

When I create a poll, it generates a share link for me:
https://rallly.company.com/invite/XXXXXXXXX

If an organizations uses SSO/SAML/OIDC they most likely have it all over the place, and once you authenticate once, you dont have to authenticate again, it goes through automatically which is REALLY nice. So in these cases, it would be ideal to automatically authenticate via OIDC (or force OIDC in some way) instead of allowing "Guest" actions at all.

OIDC will provide the user's email address for all users, so it would be superfluous for someone to get the link, and have to fill out their email, when OIDC can provide that automatically.

Also... your lightning fast replies are awesome, thanks!

[lukevella]

Ah I see. We don't make the assumption that the app is used exclusively internally within an organization. In fact, it's main purpose is to allow scheduling across organizations. Typically organization have more integrated solutions for scheduling things internally.

I don't exclude what you're suggesting as a possibility in the future but it's not a priority at the moment.