ff504a3b80
* create redirect stage * show "keep context" toggle in Flow mode only * fix typos * add docs Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> * simplify property pass * simplify toggle * remove `print` statements whoops * fix typo * remove default from `RedirectStage.mode` * remove migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * oops Signed-off-by: Jens Langhammer <jens@goauthentik.io> * adjust docs Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
20 lines
806 B
Markdown
20 lines
806 B
Markdown
---
|
|
title: Ensure unique email addresses
|
|
---
|
|
|
|
Due to the database design of authentik, email addresses are by default not required to be unique. This behavior can however be changed by policies.
|
|
|
|
The snippet below can be used as the expression in policies both with enrollment flows, where the policy should be bound to any stage before the [User write](../../../add-secure-apps/flows-stages/stages/user_write.md) stage, or with the [Prompt stage](../../../add-secure-apps/flows-stages/stages/prompt/index.md).
|
|
|
|
```python
|
|
from authentik.core.models import User
|
|
|
|
# Ensure this matches the *Field Key* value of the prompt
|
|
field_name = "email"
|
|
email = request.context["prompt_data"][field_name]
|
|
if User.objects.filter(email=email).exists():
|
|
ak_message("Email address in use")
|
|
return False
|
|
return True
|
|
```
|