Whitelist domain doesn't work
nataliavaz opened this issue · 10 comments
Subject of the issue
Whitelist domain doesn't work
Steps to reproduce
Try to login with a domain that is not whitelisted.
Expected behaviour
Login should work just with the whitelisted domains
Actual behaviour
I can loggin on Matrix with any domain
This same problem is happening to me too!
Hi, could you share your whitelisted configuration?
Sure! Thank you!
This is my configuration:
WHITELIST_DOMAINS=["lageteck.com.br","lageteck.com"]
Despite this, I can login with @gmail.com accounts. My OAuth2 configuration follows the settings above.
My config is the same as yours.
Try to regenerate Sign-In client-id, and restart application.
I had this problem a while ago.
In that time, I thought that google changed the authentication method. After I regenerate, it worked perfectly.
Thanks for your help, @samuelrcarvalho!
Unfortunately, I tried the procedure and it was still possible to connect with an account I shouldn't be able to.
This same problem is happening to me too.
my configuration:
WHITELIST_DOMAINS=["buy4.com.br"]
Because of another problem (issue #371), I switched the production environment from the master to another branch, and the problem reported here has also been solved.
git clone https://github.com/ResultadosDigitais/matrix -b '#341-add-i18n' matrix
Unfortunately my happiness did not last. Taking more careful tests, I came to the conclusion that the problem persists. I'm working around the problem with this:
WHITELIST_USERS=["alias1@domain.tld","alias2@domain.tld"]
Hello guys, I think the problem is here:
Actual code:
File: backend/app/services/auth/index.js
line 9 and 11
var isAuthorized = domainAuthorization(getAllowedDomains());
isAuthorized = userAuthorization(getAllowedUsers());
This var isAuthorized is replacing the second var.
Should be:
var isAuthorized = domainAuthorization(getAllowedDomains());
if (!isAuthorized) {
isAuthorized = userAuthorization(getAllowedUsers());
}
After test this code work for me.