mirror of
https://github.com/grafana/grafana.git
synced 2024-12-30 10:47:30 -06:00
Added message alerts when login failed due to github team membership or email domain requirement, #1731, #1660
This commit is contained in:
parent
32fa8180fa
commit
0d3fbb8659
@ -142,8 +142,8 @@
|
||||
;auth_url = https://github.com/login/oauth/authorize
|
||||
;token_url = https://github.com/login/oauth/access_token
|
||||
;api_url = https://api.github.com/user
|
||||
# Uncomment bellow to only allow specific email domains
|
||||
; allowed_domains = mycompany.com othercompany.com
|
||||
;team_ids =
|
||||
;allowed_domains =
|
||||
|
||||
#################################### Google Auth ##########################
|
||||
[auth.google]
|
||||
@ -154,8 +154,7 @@
|
||||
;auth_url = https://accounts.google.com/o/oauth2/auth
|
||||
;token_url = https://accounts.google.com/o/oauth2/token
|
||||
;api_url = https://www.googleapis.com/oauth2/v1/userinfo
|
||||
# Uncomment bellow to only allow specific email domains
|
||||
; allowed_domains = mycompany.com othercompany.com
|
||||
;allowed_domains =
|
||||
|
||||
#################################### Logging ##########################
|
||||
[log]
|
||||
|
@ -3,6 +3,7 @@ package api
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/url"
|
||||
|
||||
"golang.org/x/oauth2"
|
||||
|
||||
@ -46,7 +47,7 @@ func OAuthLogin(ctx *middleware.Context) {
|
||||
userInfo, err := connect.UserInfo(token)
|
||||
if err != nil {
|
||||
if err == social.ErrMissingTeamMembership {
|
||||
ctx.Redirect(setting.AppSubUrl + "/login?missing_team_membership=1")
|
||||
ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required Github team membership not fulfilled"))
|
||||
} else {
|
||||
ctx.Handle(500, fmt.Sprintf("login.OAuthLogin(get info from %s)", name), err)
|
||||
}
|
||||
@ -58,7 +59,7 @@ func OAuthLogin(ctx *middleware.Context) {
|
||||
// validate that the email is allowed to login to grafana
|
||||
if !connect.IsEmailAllowed(userInfo.Email) {
|
||||
log.Info("OAuth login attempt with unallowed email, %s", userInfo.Email)
|
||||
ctx.Redirect(setting.AppSubUrl + "/login?email_not_allowed=1")
|
||||
ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required email domain not fulfilled"))
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -7,7 +7,7 @@ function (angular, config) {
|
||||
|
||||
var module = angular.module('grafana.controllers');
|
||||
|
||||
module.controller('LoginCtrl', function($scope, backendSrv, contextSrv) {
|
||||
module.controller('LoginCtrl', function($scope, backendSrv, contextSrv, $location) {
|
||||
$scope.formModel = {
|
||||
user: '',
|
||||
email: '',
|
||||
@ -28,6 +28,13 @@ function (angular, config) {
|
||||
$scope.init = function() {
|
||||
$scope.$watch("loginMode", $scope.loginModeChanged);
|
||||
$scope.passwordChanged();
|
||||
|
||||
var params = $location.search();
|
||||
if (params.failedMsg) {
|
||||
$scope.appEvent('alert-warning', ['Login Failed', params.failedMsg]);
|
||||
delete params.failedMsg;
|
||||
$location.search(params);
|
||||
}
|
||||
};
|
||||
|
||||
// build info view model
|
||||
|
Loading…
Reference in New Issue
Block a user