Allow users to escape 'Not authorized' when their email address is not found on the allow-list #286
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi, love the project and thanks for maintaining @thomseddon
Okay so, I've run into an issue where a user will authenticate with an erroneous email address and then be stuck on 'Not authorized', I don't think it's anything new, and the issue seems well documented with #147 and #103
The current workflow for remedying the issue currently seems to be to clear your auth cookie manually which is a little bit awkward for end-users.
My goal with this pull request was to create a more user-friendly workflow for allowing the user to retry with a new email address, without degrading any security features of the project.
My intention was as follows:
This is my first time touching Go, so definitely check over my changes.
Thanks again,
Luis