Let me preface this buy saying I did a cursory search and couldn't find this request. I also have a work around for my environment so it is not something critical however I feel this could be good for the overall Phabricator UX design.
Currently, in my environment, I am using the LDAP Authentication module however I still have the Password module enabled for access to the main administrator account and create accounts that are not available within our LDAP provider. To that end, one of the complaints I have fielded is how the LDAP is not the first one and some even come to me with a "My password doesn't work" when they are trying to shove it in the password auth. Ultimately this is a a bit of a user education problem however in our environment (higher ed allowing students to use Phabricator when doing the capstone project) that is not always an option.
There are two features I can see coming out of this:
- Sorting of Authentication Providers
- Hiding of Authentication Providers from the global login controller
The way I envision something like the sorting working would be similar to the way Phabricator reorders the custom field definitions in Maniphest. Hiding could simply be a field in the Authentication Provider or in the Config that allows you to hide providers.
Allowing the reordering of the Authentication Providers from within the config would allow users to keep more of a "clean" code-base (less patching). The hiding of authentication providers is less useful as the recover command line option is available, however still could be beneficial in certain circumstances.
The workaround for my ordering right now is to add the "getLoginOrder" function to the LDAP command and report back "050" instead of the default "500". While this works, it would be much cleaner from a user perspective to have the original getLoginOrder call a DB/command line defined configuration setting instead.