From 8dc8b5f95bc35f42e749308c1400b4e04501a830 Mon Sep 17 00:00:00 2001
From: Deluan <deluan@navidrome.org>
Date: Sat, 19 Jun 2021 10:56:39 -0400
Subject: [PATCH] Option to allow auto-login during development.

---
 conf/configuration.go |  2 ++
 server/auth.go        | 13 ++++++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/conf/configuration.go b/conf/configuration.go
index 760b22808..a1117a0b1 100644
--- a/conf/configuration.go
+++ b/conf/configuration.go
@@ -64,6 +64,7 @@ type configOptions struct {
 	// DevFlags. These are used to enable/disable debugging and incomplete features
 	DevLogSourceLine           bool
 	DevAutoCreateAdminPassword string
+	DevAutoLoginUsername       string
 	DevPreCacheAlbumArtwork    bool
 	DevFastAccessCoverArt      bool
 	DevOldCacheLayout          bool
@@ -239,6 +240,7 @@ func init() {
 	// DevFlags. These are used to enable/disable debugging and incomplete features
 	viper.SetDefault("devlogsourceline", false)
 	viper.SetDefault("devautocreateadminpassword", "")
+	viper.SetDefault("devautologinusername", "")
 	viper.SetDefault("devprecachealbumartwork", false)
 	viper.SetDefault("devoldcachelayout", false)
 	viper.SetDefault("devFastAccessCoverArt", false)
diff --git a/server/auth.go b/server/auth.go
index 6943e24f3..ef90dce42 100644
--- a/server/auth.go
+++ b/server/auth.go
@@ -292,6 +292,10 @@ func UsernameFromReverseProxyHeader(r *http.Request) string {
 	return username
 }
 
+func UsernameFromConfig(r *http.Request) string {
+	return conf.Server.DevAutoLoginUsername
+}
+
 func contextWithUser(ctx context.Context, ds model.DataStore, username string) (context.Context, error) {
 	user, err := ds.User(ctx).FindByUsername(username)
 	if err == nil {
@@ -320,7 +324,7 @@ func authenticateRequest(ds model.DataStore, r *http.Request, findUsernameFns ..
 func Authenticator(ds model.DataStore) func(next http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			ctx, err := authenticateRequest(ds, r, UsernameFromToken, UsernameFromReverseProxyHeader)
+			ctx, err := authenticateRequest(ds, r, UsernameFromConfig, UsernameFromToken, UsernameFromReverseProxyHeader)
 			if err != nil {
 				_ = rest.RespondWithError(w, http.StatusUnauthorized, "Not authenticated")
 				return
@@ -353,9 +357,12 @@ func JWTRefresher(next http.Handler) http.Handler {
 }
 
 func handleLoginFromHeaders(ds model.DataStore, r *http.Request) map[string]interface{} {
-	username := UsernameFromReverseProxyHeader(r)
+	username := UsernameFromConfig(r)
 	if username == "" {
-		return nil
+		username = UsernameFromReverseProxyHeader(r)
+		if username == "" {
+			return nil
+		}
 	}
 
 	userRepo := ds.User(r.Context())