Restrict authentication email domain for seahub

This commit is contained in:
Josué Tille 2019-08-01 15:15:29 +02:00
parent cd742bb46d
commit a50778b691
No known key found for this signature in database
GPG key ID: 716A6C99B04194EF
2 changed files with 17 additions and 0 deletions

View file

@ -0,0 +1 @@
x86-64-force_domain_email.patch

View file

@ -0,0 +1,16 @@
diff --git a/seahub/base/accounts.py b/seahub/base/accounts.py
index 4ebbb98c4..ba468d073 100644
--- a/seahub/seahub/base/accounts.py
+++ b/seahub/seahub/base/accounts.py
@@ -540,7 +540,11 @@ class User(object):
class AuthBackend(object):
+ allowed_domain = settings.REMOTE_USER_DOMAIN
+
def get_user_with_import(self, username):
+ if '@' in username and self.allowed_domain != username.split('@')[1]:
+ raise User.DoesNotExist, 'Invalid domain for the email. Please use the seafile domain for the domain part of the email.'
emailuser = seaserv.get_emailuser_with_import(username)
if not emailuser:
raise User.DoesNotExist, 'User matching query does not exits.'