website/docs: add example policy to enforce unique email address (#8955)
* website/docs: add example policy to enforce unique email address Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L
19
website/docs/policies/working_with_policies/unique_email.md
Normal file
19
website/docs/policies/working_with_policies/unique_email.md
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
title: Ensure unique email addresses
|
||||
---
|
||||
|
||||
Due to the database design of authentik, email addresses are by default not required to be unique. This behavior can however be changed by policies.
|
||||
|
||||
The snippet below can as the expression in policies both with enrollment flows, where the policy should be bound to any stage before the [User write](../../flow/stages/user_write.md) stage, or it can be used with the [Prompt stage](../../flow/stages/prompt/index.md).
|
||||
|
||||
```python
|
||||
from authentik.core.models import User
|
||||
|
||||
# Ensure this matches the *Field Key* value of the prompt
|
||||
field_name = "email"
|
||||
email = request.context["prompt_data"][field_name]
|
||||
if User.objects.filter(email=email).exists():
|
||||
ak_message("Email address in use")
|
||||
return False
|
||||
return True
|
||||
```
|
||||
Reference in New Issue
Block a user