mirror of
https://github.com/goauthentik/authentik.git
synced 2026-06-18 11:29:26 +03:00
Dewi Roberts
c848a01e99
* Update doc * Update unique_email.md Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * rewrite policy Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Dewi Roberts <dewi@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
949 B
949 B
title
| title |
|---|
| Ensure unique email addresses |
Due to the database design of authentik, email addresses are by default not required to be unique. However, this behavior can be changed using an expression policy.
The snippet below can be used in an expression policy within enrollment flows. The policy should be bound to any stage before the User write stage, or with the Prompt stage.
# Ensure this matches the *Field Key* value of the prompt
field_name = "email"
email = request.context["prompt_data"][field_name]
pending_user = request.context.get("pending_user")
from authentik.core.models import User
query = User.objects.filter(email__iexact=email)
if pending_user:
query = query.exclude(pk=pending_user.pk)
if query.exists():
ak_message("Email address in use")
return False
return True