Manual login option

lib/Controller/PageController.php

@@ -83,10 +83,13 @@ public function index()
     $reason = null;
 
     $roundCubeUrl = $this->authenticator->externalURL();
+    $allowManualLogin = $this->config->getAppValue(Config::ALLOW_MANUAL_LOGIN);
+    $credentials = null;
     if (empty($roundCubeUrl)) {
       $state = self::ERROR_STATE;
       $reason = self::ERROR_NORCURL_REASON;
-    } else {
+    } elseif (!$allowManualLogin) {
+      // Only check credentials if manual login is not allowed
       $credentials = $this->config->emailCredentials();
       if (empty($credentials)) {
         $state = self::ERROR_STATE;

lib/Controller/SettingsController.php

@@ -62,6 +62,7 @@ class SettingsController extends Controller
     Config::ENABLE_SSL_VERIFY => [ 'rw' => true, 'default' => Config::ENABLE_SSL_VERIFY_DEFAULT, ],
     Config::PERSONAL_ENCRYPTION => [ 'rw' => true, 'default' => Config::PERSONAL_ENCRYPTION_DEFAULT, ],
     Config::CARDDAV_PROVISIONG_TAG => [ 'rw' => true, 'default' => Config::CARDDAV_PROVISIONG_TAG_DEFAULT, ],
+    Config::ALLOW_MANUAL_LOGIN => [ 'rw' => true, 'default' => Config::ALLOW_MANUAL_LOGIN_DEFAULT, ],
   ];
 
   public const EMAIL_ADDRESS = 'emailAddress';
@@ -162,6 +163,7 @@ public function setAdmin(string $setting, mixed $value, bool $force = false):Dat
       case Config::SHOW_TOP_LINE:
       case Config::ENABLE_SSL_VERIFY:
       case Config::PERSONAL_ENCRYPTION:
+      case Config::ALLOW_MANUAL_LOGIN:
         $newValue = filter_var($value, FILTER_VALIDATE_BOOLEAN, ['flags' => FILTER_NULL_ON_FAILURE]);
         if ($newValue === null) {
           return self::grumble($this->l->t(
@@ -249,6 +251,7 @@ public function getAdmin(?string $setting = null):DataResponse
         case Config::SHOW_TOP_LINE:
         case Config::ENABLE_SSL_VERIFY:
         case Config::PERSONAL_ENCRYPTION:
+        case Config::ALLOW_MANUAL_LOGIN:
           if ($humanValue !== null) {
             $humanValue = $humanValue ? $this->l->t('true') : $this->l->t('false');
           }

lib/Service/Config.php

@@ -70,6 +70,8 @@ class Config
   public const PERSONAL_ENCRYPTION_DEFAULT = false;
   public const CARDDAV_PROVISIONG_TAG = 'cardDavProvisioningTag';
   public const CARDDAV_PROVISIONG_TAG_DEFAULT = '';
+  public const ALLOW_MANUAL_LOGIN = 'allowManualLogin';
+  public const ALLOW_MANUAL_LOGIN_DEFAULT = false;
 
   const SETTINGS = [
     self::EXTERNAL_LOCATION => self::EXTERNAL_LOCATION_DEFAULT,
@@ -80,6 +82,7 @@ class Config
     self::ENABLE_SSL_VERIFY => self::ENABLE_SSL_VERIFY_DEFAULT,
     self::PERSONAL_ENCRYPTION => self::PERSONAL_ENCRYPTION_DEFAULT,
     self::CARDDAV_PROVISIONG_TAG => self::CARDDAV_PROVISIONG_TAG_DEFAULT,
+    self::ALLOW_MANUAL_LOGIN => self::ALLOW_MANUAL_LOGIN_DEFAULT,
   ];
 
   /** @var \OCP\IUser */

src/AdminSettings.vue

@@ -156,6 +156,20 @@
       <label for="show-top-line">
         {{ t(appName, 'Show RoundCube top information bar (shows logout button).') }}
       </label>
+      <input id="allow-manual-login"
+             v-model="settings.allowManualLogin"
+             class="checkbox"
+             type="checkbox"
+             name="allowManualLogin"
+             value="1"
+             :disabled="loading"
+             @change="saveSetting('allowManualLogin')"
+      >
+      <label for="allow-manual-login"
+             :title="t(appName, 'Allow users to login manually to RoundCube without pre-configured credentials. Useful for shared mailboxes or when SSO is not available.')"
+      >
+        {{ t(appName, 'Allow manual RoundCube login (skip credential check).') }}
+      </label>
       <input id="enable-ssl-verify"
              v-model="settings.enableSSLVerify"
              class="checkbox"
@@ -265,6 +279,7 @@ const settings = reactive({
   fixedSingleEmailPassword: '',
   forceSSO: false,
   showTopLine: false,
+  allowManualLogin: false,
   enableSSLVerify: true,
   personalEncryption: false,
   cardDavProvisioningTag: '',