Validate email in oauth registration form (#15014)

2025-11-03 21:08:25 +00:00 · 2021-03-16 21:54:02 -06:00
parent 7019076f7f
commit df891dc59f
1 changed files with 5 additions and 0 deletions
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -942,6 +942,11 @@ func LinkAccountPostRegister(ctx *context.Context) {
 		}
 	}

+	if !form.IsEmailDomainAllowed() {
+		ctx.RenderWithErr(ctx.Tr("auth.email_domain_blacklisted"), tplLinkAccount, &form)
+		return
+	}
+
 	if setting.Service.AllowOnlyExternalRegistration || !setting.Service.RequireExternalRegistrationPassword {
 		// In models.User an empty password is classed as not set, so we set form.Password to empty.
 		// Eventually the database should be changed to indicate "Second Factor"-enabled accounts