fix: don't allow the reserved provider names to be used in oauth

2026-06-24 20:30:16 +00:00 · 2026-06-24 12:48:22 +03:00
parent aaa5f4cb2f
commit 93f882e460
2 changed files with 7 additions and 0 deletions
@@ -17,6 +17,8 @@ var OverrideProviders = map[string]string{
 	"github": "GitHub",
 }

+var ReservedProviderNames = []string{"local", "ldap", "tailscale"}
+
 const SessionCookieName = "tinyauth-session"
 const CSRFCookieName = "tinyauth-csrf"
 const RedirectCookieName = "tinyauth-redirect"