Wildcard authorized emails?

[brylie]

How might one allow wildcard email authorization? E.g. all emails for a Google authentication domain, such as a company's staff. Is there an approach to enable all organization users, or specific email domains?

[lchapo]

The simplest solution is to modify the auth function here to something like:
if email.endswith("@mycompany.com"):

An even better approach would be to store authorized emails in a database and have the auth function do a lookup against that database.

[joshbode]

I'm using this approach at the moment:

from fnmatch import fnmatch

class GlobList(list):
    """Glob list"""

    def __contains__(self, key) -> bool:
        """Check if key in list or matches patterns in list."""

        if super().__contains__(key):
            return True

        for k in self:
            if fnmatch(key, k):
                return True

        return False

and setting:

authorized_emails = GlobList(['*@example.com', 'foo@dog.com'])
auth = GoogleOAuth(app, authorized_emails)

[brylie]

@joshbode, this would be a really good addition to the README, or some similar documentation! :-)

[ghost]

The simplest solution is to modify the auth function here to something like:
if email.endswith("@mycompany.com"):

An even better approach would be to store authorized emails in a database and have the auth function do a lookup against that database.

Your url doesn't seem to be working.

[lchapo]

@VedantRuparelia whoops, linked to a private repo. Fixed my comment above (new link)