import { yupResolver } from '@hookform/resolvers/yup'
import { PermissionAction } from '@supabase/shared-types/out/constants'
import { ExternalLink } from 'lucide-react'
import Link from 'next/link'
import { useEffect } from 'react'
import { useForm } from 'react-hook-form'
import { toast } from 'sonner'
import { boolean, object, string } from 'yup'

import { useParams } from 'common'
import { ScaffoldSection, ScaffoldSectionTitle } from 'components/layouts/Scaffold'
import { InlineLink } from 'components/ui/InlineLink'
import NoPermission from 'components/ui/NoPermission'
import { useAuthConfigQuery } from 'data/auth/auth-config-query'
import { useAuthConfigUpdateMutation } from 'data/auth/auth-config-update-mutation'
import { useCheckPermissions } from 'hooks/misc/useCheckPermissions'
import {
  AlertDescription_Shadcn_,
  AlertTitle_Shadcn_,
  Alert_Shadcn_,
  Button,
  Card,
  CardContent,
  CardFooter,
  FormControl_Shadcn_,
  FormField_Shadcn_,
  Form_Shadcn_,
  Switch,
  WarningIcon,
} from 'ui'
import { FormItemLayout } from 'ui-patterns/form/FormItemLayout/FormItemLayout'
import { NO_REQUIRED_CHARACTERS } from '../Auth.constants'

// Client-side validation for the form: four required booleans plus a non-empty SITE_URL.
// SITE_URL is checked for presence only; nothing here validates that it is a well-formed
// URL or restricts its scheme or host.
// NOTE(review): presumably the auth server uses SITE_URL as a redirect base, so confirm it
// is validated server-side.
const schema = object({
  DISABLE_SIGNUP: boolean().required(),
  EXTERNAL_ANONYMOUS_USERS_ENABLED: boolean().required(),
  SECURITY_MANUAL_LINKING_ENABLED: boolean().required(),
  MAILER_AUTOCONFIRM: boolean().required(),
  SITE_URL: string().required('Must have a Site URL'),
})

// Form for a project's basic auth settings: signups, manual linking, anonymous sign-ins,
// MAILER_AUTOCONFIRM and SITE_URL. It loads the current config with useAuthConfigQuery and
// submits changes through useAuthConfigUpdateMutation.
//
// Render paths visible in this view:
//   - query error: a failure message that includes authConfigError.message
//   - no READ permission on 'custom_config_gotrue': an alternative view (presumably
//     NoPermission, which is imported; the markup is not visible here)
//   - otherwise: the form. While EXTERNAL_ANONYMOUS_USERS_ENABLED is on it shows a warning
//     that anonymous users sign in with the authenticated role and are subject to RLS
//     policies for the public and authenticated roles. If authConfig.SECURITY_CAPTCHA_ENABLED
//     is also falsy, it adds a recommendation to enable captcha. A further element is
//     rendered only while the form is dirty.
const BasicAuthSettingsForm = () => {
  const { ref: projectRef } = useParams()
  const { data: authConfig, error: authConfigError, isError } = useAuthConfigQuery({ projectRef })
  const { mutate: updateAuthConfig, isLoading: isUpdatingConfig } = useAuthConfigUpdateMutation()
  const canReadConfig = useCheckPermissions(PermissionAction.READ, 'custom_config_gotrue')
  // canUpdateConfig is not referenced in the code visible here; presumably the form controls
  // use it. These checks only gate the UI.
  // NOTE(review): assumes the config endpoint enforces the same READ/UPDATE permissions.
  // Confirm.
  const canUpdateConfig = useCheckPermissions(PermissionAction.UPDATE, 'custom_config_gotrue')

  // Placeholder values until authConfig arrives; the effect below replaces them.
  // The DISABLE_SIGNUP form field holds the INVERSE of the stored flag (true = signups
  // allowed), as the negation in form.reset and in onSubmit shows.
  const form = useForm({
    resolver: yupResolver(schema),
    defaultValues: {
      DISABLE_SIGNUP: true,
      EXTERNAL_ANONYMOUS_USERS_ENABLED: false,
      SECURITY_MANUAL_LINKING_ENABLED: false,
      MAILER_AUTOCONFIRM: true,
      SITE_URL: '',
    },
  })

  // Sync the form with the server config whenever the query returns new data.
  useEffect(() => {
    if (authConfig) {
      form.reset({
        // Inverted for display; onSubmit flips it back before sending.
        DISABLE_SIGNUP: !authConfig.DISABLE_SIGNUP,
        EXTERNAL_ANONYMOUS_USERS_ENABLED: authConfig.EXTERNAL_ANONYMOUS_USERS_ENABLED,
        SECURITY_MANUAL_LINKING_ENABLED: authConfig.SECURITY_MANUAL_LINKING_ENABLED,
        // NOTE(review): passed through un-inverted here and in onSubmit, unlike DISABLE_SIGNUP.
        // The switch label is not visible in this view. Confirm that "on" is meant to be
        // auto-confirm (no email confirmation step), since reversed polarity would silently
        // disable confirmation.
        MAILER_AUTOCONFIRM: authConfig.MAILER_AUTOCONFIRM,
        SITE_URL: authConfig.SITE_URL,
      })
    }
  }, [authConfig])

  // Submit handler. It copies the form values, restores the stored polarity of
  // DISABLE_SIGNUP, maps the NO_REQUIRED_CHARACTERS sentinel to '' for
  // PASSWORD_REQUIRED_CHARACTERS, and calls updateAuthConfig with projectRef asserted
  // non-null. Failure and success are both reported with a toast.
  // `values` is typed `any`, so the payload shape is not checked at compile time; the yup
  // resolver is the only validation visible here.
  // NOTE(review): PASSWORD_REQUIRED_CHARACTERS is not a field of this form's schema or
  // defaults, so that branch looks like a leftover from another form. Confirm.
  const onSubmit = (values: any) => {
    const payload = { ...values }
    payload.DISABLE_SIGNUP = !values.DISABLE_SIGNUP
    // NOTE(review): in this copy of the file the statements after the comment below sit on
    // the same physical line as the comment; they are kept exactly as they appear.
    // The backend uses empty string to represent no required characters in the password if (payload.PASSWORD_REQUIRED_CHARACTERS === NO_REQUIRED_CHARACTERS) { payload.PASSWORD_REQUIRED_CHARACTERS = '' } updateAuthConfig( { projectRef: projectRef!, config: payload }, { onError: (error) => { toast.error(`Failed to update settings: ${error?.message}`) }, onSuccess: () => { toast.success('Successfully updated settings') }, } ) } if (isError) { return ( Failed to retrieve auth configuration {authConfigError.message} ) } if (!canReadConfig) { return (
) } return ( User Signups
( )} /> ( Enable{' '} manual linking APIs {' '} for your project } > )} /> ( Enable{' '} anonymous sign-ins {' '} for your project } > )} /> {form.watch('EXTERNAL_ANONYMOUS_USERS_ENABLED') && (
Anonymous users will use the authenticated{' '} role when signing in

As a result, anonymous users will be subjected to RLS policies that apply to the public and{' '} authenticated roles. We strongly advise{' '} reviewing your RLS policies {' '} to ensure that access to your data is restricted where required.

)} {!authConfig?.SECURITY_CAPTCHA_ENABLED && form.watch('EXTERNAL_ANONYMOUS_USERS_ENABLED') && ( We highly recommend{' '} enabling captcha {' '} for anonymous sign-ins This will prevent potential abuse on sign-ins which may bloat your database and incur costs for monthly active users (MAU) )}
( )} /> {form.formState.isDirty && ( )}
) } export default BasicAuthSettingsForm