IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

OAuth: Specify allowed email address domains for google or and github oauth logins, Closes #1660

Browse Source
This commit is contained in:
Torkel Ödegaard
2015-04-06 14:16:22 +02:00
parent 7a95451288
commit eb575685aa
6 changed files with 50 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/api/login_oauth.go
View File

@@ -33,7 +33,6 @@ func OAuthLogin(ctx *middleware.Context) {
ctx.Redirect(connect.AuthCodeURL("", oauth2.AccessTypeOnline))
return
}
log.Info("code: %v", code)
// handle call back
token, err := connect.Exchange(oauth2.NoContext, code)
@@ -50,7 +49,14 @@ func OAuthLogin(ctx *middleware.Context) {
return
}
log.Info("login.OAuthLogin(social login): %s", userInfo)
log.Trace("login.OAuthLogin(social login): %s", userInfo)
// validate that the email is allowed to login to grafana
if !connect.IsEmailAllowed(userInfo.Email) {
log.Info("OAuth login attempt with unallowed email, %s", userInfo.Email)
ctx.Redirect(setting.AppSubUrl + "/login?email_not_allowed=1")
return
}
userQuery := m.GetUserByLoginQuery{LoginOrEmail: userInfo.Email}
err = bus.Dispatch(&userQuery)