feat: support provider-specific OAuth whitelists (#882)

Co-authored-by: Puneet Dixit <236133619+puneetdixit200@users.noreply.github.com>
2026-06-16 08:20:15 +00:00 · 2026-05-24 22:48:33 +05:30
parent 3f584ca741
commit c3461131f5
7 changed files with 77 additions and 20 deletions
@@ -205,7 +205,7 @@ func (m *ContextMiddleware) cookieAuth(ctx context.Context, uuid string, ip stri
 			return nil, nil, fmt.Errorf("oauth provider from session cookie not found: %s", userContext.OAuth.ID)
 		}

-		if !m.auth.IsEmailWhitelisted(userContext.OAuth.Email) {
+		if !m.auth.IsEmailWhitelisted(userContext.OAuth.ID, userContext.OAuth.Email) {
 			m.auth.DeleteSession(ctx, uuid)
 			return nil, nil, fmt.Errorf("email from session cookie not whitelisted: %s", userContext.OAuth.Email)
 		}