1.3 KiB
1.3 KiB
Cisco FT SecureX Simplified Registration
- tags
- Auth
- source
- https://github.com/advthreat/response/issues/821
- dashboard
- https://github.com/advthreat/iroh/projects/32
.
Technical Plan
Support private email vs public emails
The solution is to use a blacklist of domains where any user could create multiple email accounts pseudo-anonymously.
Support, search admin with same email domain
We should be able given an email from a user, to find all the orgs for which at least one of its admin has a matching domain name.
- Most efficient: add an invisible field
email-domain
to all users. This should be lower-case, and we will need a migration. Doing this we could have a faster match than using string related queries.
Problems, users can login in the same user, with the same public email with different emails. This should be rare.
- Search via text match.
The algorithm should look a bit like:
(let [user-email ,,,
users (matching-users)
]
)