fix(oidc): invalidate when email not verified

pull/2792/head
Jakob Ankarhem 3 years ago committed by Jakob Ankarhem
parent 079b84c5ea
commit afeefec9e1
No known key found for this signature in database
GPG Key ID: 149CBB661002B3BE

@ -514,6 +514,7 @@ authRoutes.get('/oidc-callback', async (req, res, next) => {
oidcClientId: oidcClientId,
oidcDomain: oidcDomain,
});
await jwtSchema.validate(decoded);
} catch {
logger.info('Failed OIDC login attempt', {
@ -534,6 +535,7 @@ authRoutes.get('/oidc-callback', async (req, res, next) => {
ip: req.ip,
email: decoded.email,
});
return res.redirect('/login');
}
const userRepository = getRepository(User);
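Review bot: The bare `catch {` after `await jwtSchema.validate(decoded);` in the first hunk discards the validation error, so a login rejected for an unverified email is logged with the same 'Failed OIDC login attempt' message as any other claim failure, unless a log field outside the visible lines already carries the reason. Binding the error with `} catch (e) {` and adding a field such as `reason: e.message` would let an operator tell a provider that does not assert verified emails apart from a token with tampered or unexpected claims. In the second hunk, `email: decoded.email` appears to be logged on a rejection path, so that value comes from a token the server has just refused and should be treated as untrusted by whatever consumes these logs. The try block and both `logger.info` calls start or end outside the lines shown, so this is based only on the visible part.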
