Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Whitelist domain doesn't work #368

Open
nataliavaz opened this issue Mar 4, 2021 · 10 comments
Open

Whitelist domain doesn't work #368

nataliavaz opened this issue Mar 4, 2021 · 10 comments

Comments

@nataliavaz
Copy link

Subject of the issue

Whitelist domain doesn't work

Steps to reproduce

Try to login with a domain that is not whitelisted.

Expected behaviour

Login should work just with the whitelisted domains

Actual behaviour

I can loggin on Matrix with any domain
@ezlage
Copy link

ezlage commented Apr 30, 2021
edited
Loading

This same problem is happening to me too!

@juliemar
Copy link
Contributor

Hi, could you share your whitelisted configuration?

@ezlage
Copy link

ezlage commented Apr 30, 2021

Sure! Thank you!

This is my configuration:

WHITELIST_DOMAINS=["lageteck.com.br","lageteck.com"]

Despite this, I can login with @gmail.com accounts. My OAuth2 configuration follows the settings above.

@nataliavaz
Copy link
Author

My config is the same as yours.

@samuelrcarvalho
Copy link

Try to regenerate Sign-In client-id, and restart application.
I had this problem a while ago.
In that time, I thought that google changed the authentication method. After I regenerate, it worked perfectly.

@ezlage
Copy link

ezlage commented May 2, 2021

Thanks for your help, @samuelrcarvalho!

Unfortunately, I tried the procedure and it was still possible to connect with an account I shouldn't be able to.

@renatocmaia
Copy link

renatocmaia commented May 12, 2021
edited
Loading

This same problem is happening to me too.

my configuration:
WHITELIST_DOMAINS=["buy4.com.br"]

@ezlage
Copy link

ezlage commented May 12, 2021
edited
Loading

Because of another problem (issue #371), I switched the production environment from the master to another branch, and the problem reported here has also been solved.

git clone https://github.com/ResultadosDigitais/matrix -b '#341-add-i18n' matrix

@ezlage
Copy link

ezlage commented May 16, 2021
edited
Loading

Unfortunately my happiness did not last. Taking more careful tests, I came to the conclusion that the problem persists. I'm working around the problem with this:

WHITELIST_USERS=["[email protected]","[email protected]"]

@renatocmaia
Copy link

Hello guys, I think the problem is here:
Actual code:
File: backend/app/services/auth/index.js
line 9 and 11

var isAuthorized = domainAuthorization(getAllowedDomains());
isAuthorized = userAuthorization(getAllowedUsers());

This var isAuthorized is replacing the second var.

Should be:

var isAuthorized = domainAuthorization(getAllowedDomains());

if (!isAuthorized) {
  isAuthorized = userAuthorization(getAllowedUsers());
}

After test this code work for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@juliemar @ezlage @samuelrcarvalho @renatocmaia @nataliavaz