feat: add regex support to oauth whitelist

internal/api/api_test.go

@@ -36,7 +36,7 @@ var handlersConfig = types.HandlersConfig{
 // Simple auth config for tests
 var authConfig = types.AuthConfig{
 	Users:           types.Users{},
-	OauthWhitelist:  []string{},
+	OauthWhitelist:  "",
 	Secret:          "super-secret-api-thing-for-tests", // It is 32 chars long
 	CookieSecure:    false,
 	SessionExpiry:   3600,

internal/auth/auth.go

@@ -134,20 +134,7 @@ func (auth *Auth) RecordLoginAttempt(identifier string, success bool) {
 }
 
 func (auth *Auth) EmailWhitelisted(emailSrc string) bool {
-	// If the whitelist is empty, allow all emails
-	if len(auth.Config.OauthWhitelist) == 0 {
-		return true
-	}
-
-	// Loop through the whitelist and return true if the email matches
-	for _, email := range auth.Config.OauthWhitelist {
-		if email == emailSrc {
-			return true
-		}
-	}
-
-	// If no emails match, return false
-	return false
+	return utils.CheckWhitelist(auth.Config.OauthWhitelist, emailSrc)
 }
 
 func (auth *Auth) CreateSessionCookie(c *gin.Context, data *types.SessionCookie) error {

internal/auth/auth_test.go

@@ -10,7 +10,7 @@ import (
 
 var config = types.AuthConfig{
 	Users:          types.Users{},
-	OauthWhitelist: []string{},
+	OauthWhitelist: "",
 	SessionExpiry:  3600,
 }
 

internal/types/config.go

@@ -68,7 +68,7 @@ type APIConfig struct {
 // AuthConfig is the configuration for the auth service
 type AuthConfig struct {
 	Users           Users
-	OauthWhitelist  []string
+	OauthWhitelist  string
 	SessionExpiry   int
 	Secret          string
 	CookieSecure    bool

internal/utils/utils.go

@@ -288,7 +288,7 @@ func ParseSecretFile(contents string) string {
 // Check if a string matches a regex or a whitelist
 func CheckWhitelist(whitelist string, str string) bool {
 	// Check if the whitelist is empty
-	if len(whitelist) == 0 {
+	if len(strings.TrimSpace(whitelist)) == 0 {
 		return true
 	}