Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How do i disable the default signup and restrict access to authorized users only #245

Closed
yawboateng opened this issue Mar 28, 2024 · 5 comments
Closed

How do i disable the default signup and restrict access to authorized users only #245

yawboateng opened this issue Mar 28, 2024 · 5 comments

Comments

@yawboateng
Copy link

Hello,
I got this running on GKE but by default, it has the demo data and anyone can signup with their work email (just like the demo site). How do i disable the default signup and config this to use the GCP oauth?

Thanks
@nk-hystax
Copy link
Collaborator

Hello @yawboateng. Could you please describe your use case in more detail? Do you expect OptScale to disallow email-password and Microsoft signup and only use Google signup, or do you need another authorization scheme?

@yawboateng
Copy link
Author

Hello @yawboateng. Could you please describe your use case in more detail? Do you expect OptScale to disallow email-password and Microsoft signup and only use Google signup, or do you need another authorization scheme?

So I've enabled Google OAuth login. However, I noticed that the optscale signup button remains available to external users. currently, using that button creates a separate organization for them. I'd like to disable the signup option and restrict login to authorized users within our org via Google OAuth.

@yawboateng yawboateng changed the title How do i disable the default signup and config this to use a personal oauth How do i disable the default signup and restrict access to authorized users only Mar 29, 2024
@nk-hystax
Copy link
Collaborator

nk-hystax commented Apr 1, 2024
edited
Loading

There is no ability to disable signup for all external users, but suppose an option to restrict user's signup for certain email domains may be helpful for you (https://github.com/hystax/optscale/blob/058860a930fb9c407f3466fce7b072329b32f1b8/auth/auth_server/controllers/user.py#L68C1-L76C68).

To enable email domains checks:

  1. update your user_template.yaml with a list of email domains you want to restrict registration for:
domains_blacklists:
  registration:
    - example.com
  1. restart your OptScale with runkube.py
    After that, new signups from the domains_blacklist will be restricted.

We also plan to implement a whitelist domain option to allow signup from a limited number of email domains.

@yawboateng
Copy link
Author

yeah, the whitelist will be more useful for my case, since i cant possibly blacklist all domains in the world :) - any idea what the timeline is?

@stanfra
Copy link
Contributor

stanfra commented Apr 19, 2024

Hello @yawboateng , whitelist added in https://github.com/hystax/optscale/releases/tag/2024041801-public release.

@stanfra stanfra closed this as completed Apr 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yawboateng @nk-hystax @stanfra