Description
Describe the bug
When using OAuth (Google as a provider in my case), some users may encounter an "Unauthorized" error despite being part of the whitelist set in the docker compose file.
To Reproduce
Steps to reproduce the behavior:
- Set a comma-delimited list of user emails for the OAUTH_WHITELIST docker compose variable
- Have user attempt to login
- User is rejected with message "The user with username <EMAIL_HERE> is not authorized to login"
Expected behavior
Comma-delimited users set using the OAUTH_WHITELIST docker compose variable should be allowed.
Logs
WRN internal/controller/oauth_controller.go:156 > Email not whitelisted email=<EMAIL_HERE>
Device (please complete the following information):
- OS: Debian 13 LXC
- Browser: Firefox
- Tinyauth: v4.1.0
- Docker 29.1.2
Additional context
I have a dozen or so user emails set for my OAuth whitelist, which may be a cause (due to length of the comma-delimited string). I've tried a single env var in an .env file with all the emails, yet the last few emails failed authentication/whitelisting. I've also tried splitting up emails across multiple env vars in my .env file and concatenating them within the compose OAUTH_WHITELIST variable, yet this also led to one of the emails not being "whitelisted". I've also tried having this comma-delimited list directly set in the compose file to no avail.
It would be nice (and might fix this issue) if we could provide an OAUTH_WHITELIST_FILE similar to the USERS_FILE variable. That way, users could be specified, one per line, in a file that could then be passed as a docker compose secrets file.