Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

check for duplicate email address on enrollment? #12495

Closed
cheggerdev opened this issue Dec 26, 2024 · 7 comments
Closed

check for duplicate email address on enrollment? #12495

cheggerdev opened this issue Dec 26, 2024 · 7 comments
Labels
question Further information is requested

Comments

@cheggerdev
Copy link

Describe your question/
On an enrollment it is possible to check if the user given mail address is already in use by another account
(in stage default-source-enrollment-prompt or in default-source-enrollment-write) ?
Applications like DokuWiki get confused when there are multiple accounts with the same mail address?
Basically I want to enforce that all accounts have an unique mail address.

Version and Deployment (please complete the following information):

  • authentik version: 2024.12.1
  • Deployment: docker-compose
@cheggerdev cheggerdev added the question Further information is requested label Dec 26, 2024
@samip5
Copy link
Contributor

samip5 commented Dec 27, 2024

There is with expression policys and some Python.

@cheggerdev
Copy link
Author

Excellent. Is there an example or skeleton that shows how to do it?

@samip5
Copy link
Contributor

samip5 commented Dec 28, 2024

Excellent. Is there an example or skeleton that shows how to do it?

It's a bit of trial and error.

This might also help: https://github.com/pikaviestin/documentation/blob/main/email_validation_policy.py
https://docs.goauthentik.io/docs/customize/policies/expression

@Chasethechicken
Copy link
Contributor

We are using this expression policy to check for duplicate emails:

from authentik.core.models import User

email = request.context["prompt_data"]["email"]
if User.objects.filter(email__iexact=email).exists():
  ak_message("This email address is already in use.")
  return False
return True

@cheggerdev
Copy link
Author

Thank you very much. All of it is very helpful.

@cheggerdev
Copy link
Author

Maybe I was too fast with closing this issue.

I want to mention the modernization of the email code: #12558

@4d62
Copy link
Contributor

4d62 commented Jan 6, 2025

MR 12558 only updates documentation related to email domain whitelist on authentication or when enrolling. Does not seem to be related to your initial question "the user given mail address is already in use by another account"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

4 participants