Allow super admin to login even when email login is disabled

dragonpoo · ludomikula · commit f2b7d10c0677 · 2025-05-05T10:08:54.000+02:00
diff --git a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java
@@ -98,10 +98,23 @@ protected Mono<AuthUser> authenticate(String authId, @Deprecated String source,
                 })
                 .flatMap(findAuthConfig -> {
                     context.setAuthConfig(findAuthConfig.authConfig());
+                    // Check if email/password is superadmin before checking EMAIL provider enable
                     if (findAuthConfig.authConfig().getSource().equals("EMAIL")) {
-                        if(StringUtils.isBlank(context.getOrgId())) {
+                        if (StringUtils.isBlank(context.getOrgId())) {
                             context.setOrgId(Optional.ofNullable(findAuthConfig.organization()).map(Organization::getId).orElse(null));
                         }
+                        // --- Superadmin check start ---
+                        if (context instanceof FormAuthRequestContext formContext) {
+                            String email = formContext.getLoginId();
+                            String password = formContext.getPassword();
+                            String superAdminEmail = commonConfig.getSuperAdmin().getUserName();
+                            String superAdminPassword = commonConfig.getSuperAdmin().getPassword();
+                            if (StringUtils.equalsIgnoreCase(email, superAdminEmail) && StringUtils.equals(password, superAdminPassword)) {
+                                // Allow superadmin login even if EMAIL provider is disabled
+                                return Mono.just(findAuthConfig);
+                            }
+                        }
+                        // --- Superadmin check end ---
                         if(!findAuthConfig.authConfig().getEnable()) {
                             return Mono.error(new BizException(EMAIL_PROVIDER_DISABLED, "EMAIL_PROVIDER_DISABLED"));
                         }
