mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-16 16:30:15 +01:00
* chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring.
const { logger } = require('@librechat/data-schemas');
const { isEmailDomainAllowed } = require('@librechat/api');
const { getAppConfig } = require('~/server/services/Config');
/**
 * Express middleware that applies the registration domain allow-list to a
 * social login before the request is passed on.
 *
 * Outcomes, as implemented below:
 *  - `req.user.email` present and rejected by `isEmailDomainAllowed`:
 *    the attempt is logged and the client is redirected to `/login`.
 *  - `req.user.email` present and accepted: `next()` is called.
 *  - `req.user.email` absent (or `req.user` absent): the domain check is
 *    skipped and `next()` is called.
 *  - Any exception (config lookup, domain check, or a synchronous throw from
 *    `next()`): logged, then redirected to `/login`.
 *
 * NOTE(review): the "email absent" path lets the request through without
 * consulting the allow-list. Confirm that every strategy routed through this
 * middleware always supplies an email, or that a missing email is rejected
 * elsewhere.
 *
 * @async
 * @function
 * @param {Object} req - Express request object; `req.user` supplies `email` and `role`.
 * @param {Object} res - Express response object, used for the `/login` redirect.
 * @param {Function} next - Next middleware function.
 *
 * @returns {Promise<void>} Resolves after either `next()` or `res.redirect('/login')` has been called.
 */
const checkDomainAllowed = async (req, res, next) => {
  try {
    const user = req?.user;
    const email = user?.email;
    // The app config is resolved for the user's role; only
    // `registration.allowedDomains` is read from it here.
    const appConfig = await getAppConfig({ role: user?.role });

    // The allow-list is consulted only when an email is present.
    const isRejected =
      Boolean(email) && !isEmailDomainAllowed(email, appConfig?.registration?.allowedDomains);

    if (!isRejected) {
      next();
      return;
    }

    // The address is interpolated into the log line exactly as received.
    // NOTE(review): confirm the log sink handles control characters and that
    // recording full addresses matches the deployment's log-retention policy.
    logger.error(`[Social Login] [Social Login not allowed] [Email: ${email}]`);
    res.redirect('/login');
  } catch (error) {
    // Fail closed: an error while evaluating the policy never reaches next().
    logger.error('[checkDomainAllowed] Error checking domain:', error);
    res.redirect('/login');
  }
};

module.exports = checkDomainAllowed;