Add option to bypass login

[spwoodcock]

We need one of either:

• Use official OSM login accounts, to remove the signup step here.

• Or a way to bypass login entirely so people can just map (although not attributed, this would make setting up an instance for e2e very easy).

[emi420]

Or both? like we have on FMTM, where you can login with your OSM account or create a temporary account

[spwoodcock]

Yeah that's a good idea in an ideal scenario 👍

But I would imagine that technically it's a lot easier to disable login on the osm instance, than implementing a custom auth method (as granting oauth tokens via doorkeeper requires an oauth flow of some sort).

Let's assess how feasible it is when digging into it 😃

Note

One option I can think of immediately is pulling the auth out to the proxy layer (nginx),
then setting a single service account for OSM on the Ruby server.

[spwoodcock]

Making a note for later:

• Having login requires an SMTP server.
• The current setup causes emails to bounce frequently, due to rejection from various server / no auth setup.
• We can switch to the hotosmmail.org domain as this is dkim certified and will not be rejected / bounce, however the solution is only temporary and not generic.

Future solution:

• Removing auth entirely will make this concern moot.
• If we still require emails in future, we need a more generic solution ideally.
• We can advocate for setting up certs in install, but it's not ideal / the most user friendly: https://docs.getodk.org/central-install-digital-ocean/#configuring-dkim