admin/Authentication
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added redirect if there's no email found in the system

Browse Source
This commit is contained in:
F04C
2026-01-21 09:27:15 +08:00
parent a453d4b5af
commit 18c845ddc8
1 changed files with 18 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
handlers/google_auth.go
+18 -8
View File
@@ -176,8 +176,23 @@ func GoogleCallback(w http.ResponseWriter, r *http.Request) {
}
if !emailExists {
helper.LogError(errors.New("email not found"), "Email not registered: "+email)
helper.RespondWithError(w, http.StatusUnauthorized, "Please contact your administrator to request access.")
if FetchedRedirectURI != nil && *FetchedRedirectURI != "" {
RedirectURI := *FetchedRedirectURI
log.Print("RedirectURI from query param: ", RedirectURI)
if !IsAllowedRedirectURI(RedirectURI) {
helper.RespondWithError(w, http.StatusUnauthorized, "Unauthorized RedirectURI")
log.Print("Unauthorized RedirectURI: ", RedirectURI)
return
}
log.Print("Valid redirect_uri: ", RedirectURI)
RedirectURL := fmt.Sprintf("%s/callback?error=%s=", RedirectURI, "unregistered_email")
http.Redirect(w, r, RedirectURL, http.StatusSeeOther)
return
}
log.Print("No redirect_uri provided, returning JSON response")
// No redirect_uri provided, return JSON response
helper.RespondWithError(w, http.StatusUnauthorized, "Your email is not registered in the system. Please contact your administrator to request access.")
return
}
@@ -190,7 +205,7 @@ func GoogleCallback(w http.ResponseWriter, r *http.Request) {
var refreshTokenExpiry time.Duration
if emailExists {
refreshTokenExpiry = 7 * 24 * time.Hour
refreshTokenExpiry = 7 * 24 * time.Hour // 1 Week for registered users
} else {
refreshTokenExpiry = 2 * time.Hour
}
@@ -220,11 +235,6 @@ func GoogleCallback(w http.ResponseWriter, r *http.Request) {
helper.LogInfo(fmt.Sprintf("Refresh token cookie set: Domain=%s, Secure=%v, HttpOnly=%v, SameSite=%v",
cookieConfig.Domain, cookieConfig.Secure, cookieConfig.HttpOnly, cookieConfig.SameSite))
if !emailExists {
helper.RespondWithError(w, http.StatusUnauthorized, "Please contact your administrator to request access.")
return
}
helper.LogInfo("Fetching first name for email: " + email)
helper.LogInfo("Userinfo Email: " + userInfo.Email)