diff options
| -rw-r--r-- | .env.example | 4 | ||||
| -rw-r--r-- | app/auth/forms.py | 14 | ||||
| -rw-r--r-- | config.py | 12 | ||||
| -rw-r--r--[-rwxr-xr-x] | flask.sh | 0 |
4 files changed, 30 insertions, 0 deletions
diff --git a/.env.example b/.env.example index 1a3da6d..f6c5ee0 100644 --- a/.env.example +++ b/.env.example @@ -7,6 +7,10 @@ FLASK_ENV=development DB_TYPE=mysql # secret key for flask SECRET_KEY=my-long-and-hard-to-guess-secret-key +# user email domains allowed (semicolon separated, empty means all) +USER_EMAIL_DOMAINS= +# specific user emails allowed (semicolon separated) +USER_EMAILS= ## Mail configuration # diff --git a/app/auth/forms.py b/app/auth/forms.py index 8f7662a..06bad3f 100644 --- a/app/auth/forms.py +++ b/app/auth/forms.py @@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- +from flask import current_app from flask_wtf import FlaskForm from wtforms import StringField, PasswordField, BooleanField, SubmitField @@ -37,6 +38,19 @@ class RegistrationForm(FlaskForm): raise ValidationError( "Email address already in use, please use a different one." ) + if current_app.config["USER_EMAILS"]: + if email.data in current_app.config["USER_EMAILS"]: + return + if current_app.config["USER_EMAIL_DOMAINS"]: + if not email.data in current_app.config["USER_EMAIL_DOMAINS"]: + raise ValidationError( + "Access to AnnotateChange is restricted to " + "individuals with email addresses from specific " + "institutions. Please use your employee email address " + "when signing up. If that does not solve the issue, " + "you unfortunately do not have access to " + "AnnotateChange at this time." + ) class ResetPasswordRequestForm(FlaskForm): @@ -50,3 +50,15 @@ class Config(object): # task distribution settings TASKS_MAX_PER_USER = 5 TASKS_NUM_PER_DATASET = 10 + + # user emails allowed + USER_EMAIL_DOMAINS = os.environ.get("USER_EMAIL_DOMAINS") or "" + USER_EMAIL_DOMAINS = [ + x.split() for x in USER_EMAIL_DOMAINS.split(";") + ] + USER_EMAIL_DOMAINS = ( + None if not USER_EMAIL_DOMAINS else USER_EMAIL_DOMAINS + ) + USER_EMAILS = os.environ.get("USER_EMAILS") or "" + USER_EMAILS = [x.split() for x in USER_EMAILS.split(";")] + USER_EMAILS = None if not USER_EMAILS else USER_EMAILS |