Last active
January 18, 2016 12:28
-
-
Save sandrinodimattia/50182ac9def43e8ac21b to your computer and use it in GitHub Desktop.
Auth0 email domain whitelisting and profile enrichment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function (user, context, callback) { | |
| if (!user.email_verified) { | |
| return callback( | |
| new UnauthorizedError('Your email address hasn\'t been verified.')); | |
| } | |
| var domainWhitelist = ['auth0.com', 'example.org']; | |
| var domainMatch = _.find(domainWhitelist, | |
| function(domain) { | |
| var emailSplit = user.email.split('@'); | |
| return emailSplit[emailSplit.length - 1].toLowerCase() === domain; | |
| } | |
| ); | |
| if (!domainMatch) { | |
| return callback( | |
| new UnauthorizedError('You are not allowed to access this application.')); | |
| } | |
| if (domainMatch === 'auth0.com') { | |
| user.groups = user.groups || []; | |
| if (user.groups.indexOf('Administrators') < 0) { | |
| user.groups.push('Administrators'); | |
| } | |
| } | |
| return callback(null, user, context); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment