allow automatic login via configured header value

app/controllers/concerns/authentication.rb

@@ -18,6 +18,8 @@ module Authentication
     def authenticate_user!
       if session_record = find_session_by_cookie
         Current.session = session_record
+      elsif session_record = create_session_by_remote_header
+        Current.session = session_record
       else
         if self_hosted_first_login?
           redirect_to new_registration_url
@@ -27,6 +29,21 @@ module Authentication
       end
     end
 
+    def create_session_by_remote_header
+      if user_email = request.headers[Rails.application.config.remote_login_email_header_name]
+        unless user = User.find_by(email: user_email)
+          user = User.new
+          user.email = user_email
+          user.password = SecureRandom.base58(50)
+          family = Family.new
+          user.family = family
+          user.role = :admin
+          user.save
+        end
+        create_session_for(user)
+      end
+    end
+
     def find_session_by_cookie
       cookie_value = cookies.signed[:session_token]
 

config/application.rb

@@ -29,6 +29,8 @@ module Maybe
 
     config.app_mode = (ENV["SELF_HOSTED"] == "true" || ENV["SELF_HOSTING_ENABLED"] == "true" ? "self_hosted" : "managed").inquiry
 
+    config.remote_login_email_header_name = ENV["REMOTE_LOGIN_EMAIL_HEADER"]
+
     # Self hosters can optionally set their own encryption keys if they want to use ActiveRecord encryption.
     if Rails.application.credentials.active_record_encryption.present?
       config.active_record.encryption = Rails.application.credentials.active_record_encryption