1.5 KiB
1.5 KiB
Cisco FT SecureX Simplified Registration
- tags
- Auth
- source
- https://github.com/advthreat/response/issues/821
- dashboard
- https://github.com/advthreat/iroh/projects/32
.
Technical Plan
Support private email vs public emails
The solution is to use a blacklist of domains where any user could create multiple email accounts pseudo-anonymously.
Support, search admin with same email domain
We should be able given an email from a user, to find all the orgs for which at least one of its admin has a matching domain name.
- Most efficient: add an invisible field
email-domain
to all users. This should be lower-case, and we will need a migration. Doing this we could have a faster match than using string related queries.
Problems, users can login in the same user, with the same public email with different emails. This should be rare.
- Search via text match.
The algorithm should look a bit like:
;; only when this is an unknown user
(let [user-email ,,,
domain (string/replace user-email #".*@" "")
users (matching-admins domain) ;; returns a potentially big list of admin users
indexed-orgs (group-by :org-id users)]
(vals indexed-orgs))