feat: add authorized email address support #1757
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pull Request Test Coverage Report for Build 10665862666Details
💛 - Coveralls |
J0
approved these changes
Sep 2, 2024
hf
force-pushed
the
hf/add-authorized-email-addresses
branch
from
2c6d31f
to
dffbaa5
Compare
hf
force-pushed
the
hf/add-authorized-email-addresses
branch
from
dffbaa5
to
738e079
Compare
hf
pushed a commit
that referenced
this pull request
Sep 2, 2024
🤖 I have created a release *beep* *boop* --- ## [2.160.0](v2.159.2...v2.160.0) (2024-09-02) ### Features * add authorized email address support ([#1757](#1757)) ([f3a28d1](f3a28d1)) * add option to disable magic links ([#1756](#1756)) ([2ad0737](2ad0737)) * add support for saml encrypted assertions ([#1752](#1752)) ([c5480ef](c5480ef)) ### Bug Fixes * apply shared limiters before email / sms is sent ([#1748](#1748)) ([bf276ab](bf276ab)) * simplify WaitForCleanup ([#1747](#1747)) ([0084625](0084625)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
kangmingtay
reviewed
Sep 3, 2024
|
|
||
| email = strings.ToLower(email) | ||
|
|
||
| if len(a.config.External.Email.AuthorizedAddresses) > 0 { |
There was a problem hiding this comment.
@hf would be nice if we had passed down the config as the argument instead of making this a struct method of API and having to pass down the api struct in Validate
uxodb
pushed a commit
to uxodb/auth
that referenced
this pull request
Nov 13, 2024
Adds support for authorized email addresses, useful when needing to restrict email sending to a handful of email addresses. In the Supabase platform use case, this can be used to allow sending of emails on new projects only to the project's owners or developers, reducing email abuse. To enable it, specify `GOTRUE_EXTERNAL_EMAIL_AUTHORIZED_ADDRESSES` as a comma-delimited string of email addresses. The addresses should be lowercased and without labels. Labels are supported so emails will be sent to `someone+test1@gmail.com` and `someone+test2@gmail.com` if and only if the `someone@gmail.com` address is added in the authorized list. Not a substitute for blocklists!
uxodb
pushed a commit
to uxodb/auth
that referenced
this pull request
Nov 13, 2024
🤖 I have created a release *beep* *boop* --- ## [2.160.0](supabase/auth@v2.159.2...v2.160.0) (2024-09-02) ### Features * add authorized email address support ([supabase#1757](supabase#1757)) ([f3a28d1](supabase@f3a28d1)) * add option to disable magic links ([supabase#1756](supabase#1756)) ([2ad0737](supabase@2ad0737)) * add support for saml encrypted assertions ([supabase#1752](supabase#1752)) ([c5480ef](supabase@c5480ef)) ### Bug Fixes * apply shared limiters before email / sms is sent ([supabase#1748](supabase#1748)) ([bf276ab](supabase@bf276ab)) * simplify WaitForCleanup ([supabase#1747](supabase#1747)) ([0084625](supabase@0084625)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
LashaJini
pushed a commit
to LashaJini/auth
that referenced
this pull request
Nov 13, 2024
Adds support for authorized email addresses, useful when needing to restrict email sending to a handful of email addresses. In the Supabase platform use case, this can be used to allow sending of emails on new projects only to the project's owners or developers, reducing email abuse. To enable it, specify `GOTRUE_EXTERNAL_EMAIL_AUTHORIZED_ADDRESSES` as a comma-delimited string of email addresses. The addresses should be lowercased and without labels. Labels are supported so emails will be sent to `someone+test1@gmail.com` and `someone+test2@gmail.com` if and only if the `someone@gmail.com` address is added in the authorized list. Not a substitute for blocklists!
LashaJini
pushed a commit
to LashaJini/auth
that referenced
this pull request
Nov 13, 2024
🤖 I have created a release *beep* *boop* --- ## [2.160.0](supabase/auth@v2.159.2...v2.160.0) (2024-09-02) ### Features * add authorized email address support ([supabase#1757](supabase#1757)) ([f3a28d1](supabase@f3a28d1)) * add option to disable magic links ([supabase#1756](supabase#1756)) ([2ad0737](supabase@2ad0737)) * add support for saml encrypted assertions ([supabase#1752](supabase#1752)) ([c5480ef](supabase@c5480ef)) ### Bug Fixes * apply shared limiters before email / sms is sent ([supabase#1748](supabase#1748)) ([bf276ab](supabase@bf276ab)) * simplify WaitForCleanup ([supabase#1747](supabase#1747)) ([0084625](supabase@0084625)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds support for authorized email addresses, useful when needing to restrict email sending to a handful of email addresses. In the Supabase platform use case, this can be used to allow sending of emails on new projects only to the project's owners or developers, reducing email abuse.
To enable it, specify
GOTRUE_EXTERNAL_EMAIL_AUTHORIZED_ADDRESSESas a comma-delimited string of email addresses. The addresses should be lowercased and without labels.Labels are supported so emails will be sent to
someone+test1@gmail.comandsomeone+test2@gmail.comif and only if thesomeone@gmail.comaddress is added in the authorized list.Not a substitute for blocklists!