Added message alerts when login failed due to github team membership or email domain requirement, #1731, #1660

2024-11-26 02:40:26 -06:00 · 2015-04-29 10:08:01 +02:00 · 2015-04-29 10:08:01 +02:00 · 0d3fbb8659
commit 0d3fbb8659
parent 32fa8180fa
3 changed files with 14 additions and 7 deletions
--- a/conf/sample.ini
+++ b/conf/sample.ini
@ -142,8 +142,8 @@
 ;auth_url = https://github.com/login/oauth/authorize
 ;token_url = https://github.com/login/oauth/access_token
 ;api_url = https://api.github.com/user
-# Uncomment bellow to only allow specific email domains
-; allowed_domains = mycompany.com othercompany.com
+;team_ids =
+;allowed_domains =

 #################################### Google Auth ##########################
 [auth.google]
@ -154,8 +154,7 @@
 ;auth_url = https://accounts.google.com/o/oauth2/auth
 ;token_url = https://accounts.google.com/o/oauth2/token
 ;api_url = https://www.googleapis.com/oauth2/v1/userinfo
-# Uncomment bellow to only allow specific email domains
-; allowed_domains = mycompany.com othercompany.com
+;allowed_domains =

 #################################### Logging ##########################
 [log]
--- a/pkg/api/login_oauth.go
+++ b/pkg/api/login_oauth.go
@ -3,6 +3,7 @@ package api
 import (
 	"errors"
 	"fmt"
+	"net/url"

 	"golang.org/x/oauth2"

@ -46,7 +47,7 @@ func OAuthLogin(ctx *middleware.Context) {
 	userInfo, err := connect.UserInfo(token)
 	if err != nil {
 		if err == social.ErrMissingTeamMembership {
-			ctx.Redirect(setting.AppSubUrl + "/login?missing_team_membership=1")
+			ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required Github team membership not fulfilled"))
 		} else {
 			ctx.Handle(500, fmt.Sprintf("login.OAuthLogin(get info from %s)", name), err)
 		}
@ -58,7 +59,7 @@ func OAuthLogin(ctx *middleware.Context) {
 	// validate that the email is allowed to login to grafana
 	if !connect.IsEmailAllowed(userInfo.Email) {
 		log.Info("OAuth login attempt with unallowed email, %s", userInfo.Email)
-		ctx.Redirect(setting.AppSubUrl + "/login?email_not_allowed=1")
+		ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required email domain not fulfilled"))
 		return
 	}

--- a/public/app/controllers/loginCtrl.js
+++ b/public/app/controllers/loginCtrl.js
@ -7,7 +7,7 @@ function (angular, config) {

  var module = angular.module('grafana.controllers');

-  module.controller('LoginCtrl', function($scope, backendSrv, contextSrv) {
+  module.controller('LoginCtrl', function($scope, backendSrv, contextSrv, $location) {
    $scope.formModel = {
      user: '',
      email: '',
@ -28,6 +28,13 @@ function (angular, config) {
    $scope.init = function() {
      $scope.$watch("loginMode", $scope.loginModeChanged);
      $scope.passwordChanged();
+
+      var params = $location.search();
+      if (params.failedMsg) {
+        $scope.appEvent('alert-warning', ['Login Failed', params.failedMsg]);
+        delete params.failedMsg;
+        $location.search(params);
+      }
    };

    // build info view model