feat: restrict Gitea OIDC to activity users

2026-06-03 22:16:02 +02:00
parent 1d3c25f855
commit 5bef06b5d2
1 changed files with 4 additions and 0 deletions
@@ -112,6 +112,10 @@ async def authorize(
            status_code=302,
        )
    # Per-client access control
    if client_id == "gitea" and not user.activity_access:
        return _err("access_denied", "Gitea access is restricted to activity users")
    # Issue authorization code
    code = create_oauth2_code(
        deps._get_db(),