From 25636c244250a07f2d547a3e6931299b7c02525c Mon Sep 17 00:00:00 2001
From: Michael <heluecht@pirati.ca>
Date: Sun, 30 Apr 2023 11:53:32 +0000
Subject: [PATCH] Issue 13058: BasicAuth can now be disabled

---
 src/Security/BasicAuth.php | 2 +-
 static/defaults.config.php | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/Security/BasicAuth.php b/src/Security/BasicAuth.php
index 25da9b8318..51da7a98ad 100644
--- a/src/Security/BasicAuth.php
+++ b/src/Security/BasicAuth.php
@@ -177,7 +177,7 @@ class BasicAuth
 			}
 			Logger::debug('Access denied', ['parameters' => $_SERVER]);
 			// Checking for commandline for the tests, we have to avoid to send a header
-			if (php_sapi_name() !== 'cli') {
+			if (DI::config()->get('system', 'basicauth') && (php_sapi_name() !== 'cli')) {
 				header('WWW-Authenticate: Basic realm="Friendica"');
 			}
 			throw new UnauthorizedException("This API requires login");
diff --git a/static/defaults.config.php b/static/defaults.config.php
index 3c4fdd762b..7e699fad71 100644
--- a/static/defaults.config.php
+++ b/static/defaults.config.php
@@ -132,6 +132,10 @@ return [
 		// The value has to start with the scheme and end with a "/"
 		'avatar_cache_url' => '',
 
+		// basicauth (Boolean)
+		// Controls if login via BasicAuth is possible (default is true)
+		'basicauth' => true,
+
 		// big_emojis (Boolean)
 		// Display "Emoji Only" posts in big.
 		'big_emojis' => false,
-- 
2.39.5