da2eddfb5a
* website/docs: add example policy to enforce unique email address Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
759 B
759 B
title
| title |
|---|
| Ensure unique email addresses |
Due to the database design of authentik, email addresses are by default not required to be unique. This behavior can however be changed by policies.
The snippet below can as the expression in policies both with enrollment flows, where the policy should be bound to any stage before the User write stage, or it can be used with the Prompt stage.
from authentik.core.models import User
# Ensure this matches the *Field Key* value of the prompt
field_name = "email"
email = request.context["prompt_data"][field_name]
if User.objects.filter(email=email).exists():
ak_message("Email address in use")
return False
return True