From 966a108d52696ea3bc4483e98643bdb5045375ed Mon Sep 17 00:00:00 2001 From: johnnyjoy Date: Tue, 13 May 2025 20:36:00 +0800 Subject: [PATCH] chore: check signin with sso --- server/router/api/v1/auth_service.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/server/router/api/v1/auth_service.go b/server/router/api/v1/auth_service.go index ed77f092d..8f3f11845 100644 --- a/server/router/api/v1/auth_service.go +++ b/server/router/api/v1/auth_service.go @@ -126,6 +126,16 @@ func (s *APIV1Service) SignInWithSSO(ctx context.Context, request *v1pb.SignInWi return nil, status.Errorf(codes.Internal, "failed to get user, error: %v", err) } if user == nil { + // Check if the user is allowed to sign up. + workspaceGeneralSetting, err := s.Store.GetWorkspaceGeneralSetting(ctx) + if err != nil { + return nil, status.Errorf(codes.Internal, "failed to get workspace general setting, error: %v", err) + } + if workspaceGeneralSetting.DisallowUserRegistration { + return nil, status.Errorf(codes.PermissionDenied, "user registration is not allowed") + } + + // Create a new user with the user info from the identity provider. userCreate := &store.User{ Username: userInfo.Identifier, // The new signup user should be normal user by default.