I am considering using Grav for a company intranet. We currently use Google Apps for everything, and so I am really excited that Grav supports “Sign in with Google”. However, I would need to be able to configure it to only allow users to authenticate that had an email address belonging to our email domain.
I haven’t looked into the plugin code yet, but the docs didn’t mention this as a feature. I’m sure I could do it with some creative PHP, but i’d rather not mess around with it if there is a built in way, or a better way. Anyone have any input?
Right now the oauth capability is coded into the login plugin but we are discussing breaking this out into a plugin that enhances login. This would also mean you could more easily fork or create your own authentication plugin.
Thanks for the reply. I’ll stay tuned. In the meantime I may build something that can intercept a login request, and just do email domain validation in php before submitting to google.