mirror of
https://github.com/vx3r/wg-gen-web.git
synced 2025-04-01 16:36:52 +00:00
chore: restore default behavior when OAUTH2_ORG is not set
This commit is contained in:
parent
1c077e3dc0
commit
088da51ada
@ -4,16 +4,14 @@ FROM golang:alpine AS build-back
|
||||
WORKDIR /app
|
||||
ARG COMMIT
|
||||
COPY . .
|
||||
RUN go build -o wg-gen-web-linux github.com/vx3r/wg-gen-web/cmd/wg-gen-web
|
||||
RUN go build -o wg-gen-web-linux -ldflags="-X 'github.com/vx3r/wg-gen-web/version.Version=${COMMIT}'" github.com/vx3r/wg-gen-web/cmd/wg-gen-web
|
||||
|
||||
FROM node:18.13.0-alpine AS build-front
|
||||
WORKDIR /app
|
||||
COPY ui/package*.json ./
|
||||
COPY ui/yarn.lock ./
|
||||
RUN npm install
|
||||
COPY ui/ ./
|
||||
#RUN yarn build --frozen-lockfile --verbose
|
||||
RUN npm ci
|
||||
RUN npm run build
|
||||
|
||||
FROM alpine
|
||||
WORKDIR /app
|
||||
|
@ -99,17 +99,21 @@ func oauth2Exchange(c *gin.Context) {
|
||||
|
||||
cacheDb.Delete(loginVals.ClientId)
|
||||
|
||||
// check if user is in org
|
||||
teamsEnv := os.Getenv("OAUTH2_TEAMS")
|
||||
var teams []string
|
||||
if teamsEnv != "" {
|
||||
teams = strings.Split(teamsEnv, ",")
|
||||
}
|
||||
// This is primarily used for github, but can be used for other oauth2 providers where it makes sense.
|
||||
// Check if user is in org, use OAUTH2_TEAMS if you want to further restrict access within an org. This is optional.
|
||||
if os.Getenv("OAUTH2_ORG") != "" {
|
||||
|
||||
inOrg, err := oauth2Client.CheckMembership(oauth2Token, os.Getenv("OAUTH2_ORG"), teams)
|
||||
if err != nil || !inOrg {
|
||||
c.AbortWithStatus(http.StatusForbidden)
|
||||
return
|
||||
teamsEnv := os.Getenv("OAUTH2_TEAMS")
|
||||
var teams []string
|
||||
if teamsEnv != "" {
|
||||
teams = strings.Split(teamsEnv, ",")
|
||||
}
|
||||
|
||||
inOrg, err := oauth2Client.CheckMembership(oauth2Token, os.Getenv("OAUTH2_ORG"), teams)
|
||||
if err != nil || !inOrg {
|
||||
c.AbortWithStatus(http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
cacheDb.Set(oauth2Token.AccessToken, oauth2Token, cache.DefaultExpiration)
|
||||
|
@ -51,6 +51,7 @@ func (o *Oauth2idc) CodeUrl(state string) string {
|
||||
|
||||
// Check if current user is in given org
|
||||
func (o *Oauth2idc) CheckMembership(oauth2Token *oauth2.Token, org string, teams []string) (bool, error) {
|
||||
// TODO: Add real implementation
|
||||
return false, nil
|
||||
}
|
||||
|
||||
|
4639
ui/yarn.lock
4639
ui/yarn.lock
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user