luckyimnotanigger/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-05-16 15:02:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Support wildcard in email domain allow/block list (#24831)

Browse source 
Replace #20257 (which is stale and incomplete)

Close #20255

Major changes:

* Deprecate the "WHITELIST", use "ALLOWLIST"
* Add wildcard support for EMAIL_DOMAIN_ALLOWLIST/EMAIL_DOMAIN_BLOCKLIST
* Update example config file and document
* Improve tests
This commit is contained in:
wxiaoguang 2023-05-22 08:05:44 +08:00 committed by GitHub
parent 19993d8814
commit 2cb66fff60
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 118 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

17
services/forms/user_form.go
View file

@ -16,6 +16,7 @@ import (
"code.gitea.io/gitea/modules/web/middleware"
"gitea.com/go-chi/binding"
"github.com/gobwas/glob"
)
// InstallForm form for installation page
@ -105,8 +106,8 @@ func (f *RegisterForm) Validate(req *http.Request, errs binding.Errors) binding.
// IsEmailDomainListed checks whether the domain of an email address
// matches a list of domains
func IsEmailDomainListed(list []string, email string) bool {
if len(list) == 0 {
func IsEmailDomainListed(globs []glob.Glob, email string) bool {
if len(globs) == 0 {
return false
}
@ -117,8 +118,8 @@ func IsEmailDomainListed(list []string, email string) bool {
domain := strings.ToLower(email[n+1:])
for _, v := range list {
if strings.ToLower(v) == domain {
for _, g := range globs {
if g.Match(domain) {
return true
}
}
@ -131,12 +132,12 @@ func IsEmailDomainListed(list []string, email string) bool {
// The email is marked as allowed if it matches any of the
// domains in the whitelist or if it doesn't match any of
// domains in the blocklist, if any such list is not empty.
func (f RegisterForm) IsEmailDomainAllowed() bool {
if len(setting.Service.EmailDomainWhitelist) == 0 {
return !IsEmailDomainListed(setting.Service.EmailDomainBlocklist, f.Email)
func (f *RegisterForm) IsEmailDomainAllowed() bool {
if len(setting.Service.EmailDomainAllowList) == 0 {
return !IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email)
}
return IsEmailDomainListed(setting.Service.EmailDomainWhitelist, f.Email)
return IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email)
}
// MustChangePasswordForm form for updating your password after account creation