Skip to content

Commit

Permalink
Note that you can throw a 403 from check_allowed
Browse files Browse the repository at this point in the history
  • Loading branch information
yuvipanda committed Jan 25, 2024
1 parent 041acbc commit 7f8eef5
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion jupyterhub/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -453,7 +453,10 @@ def normalize_username(self, username):
def check_allowed(self, username, authentication=None):
"""Check if a username is allowed to authenticate based on configuration
Return True if username is allowed, False otherwise.
Return True if username is allowed, False otherwise. Subclasses can also
raise a `web.HTTPError(403, message)` to immediately *deny* access and show
the end user the given message.
No allowed_users set means any username is allowed.
Names are normalized *before* being checked against the allowed set.
Expand Down

0 comments on commit 7f8eef5

Please sign in to comment.