From ad0d69027a58a111ef59fc43aaf6f70de097da5d Mon Sep 17 00:00:00 2001
From: verybadsoldier <vbs@springrts.de>
Date: Fri, 7 Apr 2023 12:52:10 +0200
Subject: [PATCH] added comment

---
 backend/app/api/handlers/v1/v1_ctrl_auth.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/backend/app/api/handlers/v1/v1_ctrl_auth.go b/backend/app/api/handlers/v1/v1_ctrl_auth.go
index 91c0be1..a4f03db 100644
--- a/backend/app/api/handlers/v1/v1_ctrl_auth.go
+++ b/backend/app/api/handlers/v1/v1_ctrl_auth.go
@@ -95,6 +95,7 @@ func (ctrl *V1Controller) HandleSsoHeaderLogin() errchain.HandlerFunc {
 		if !ctrl.headerSSOEnabled {
 			return validate.NewRequestError(errors.New("authentication failed. Header SSO is disaled"), http.StatusInternalServerError)			
 		}
+
 		{
 			t := strings.Split(r.RemoteAddr, ":")
 			if t[0] != ctrl.headerSSOAllowedIP {
@@ -115,15 +116,15 @@ func (ctrl *V1Controller) HandleSsoHeaderLogin() errchain.HandlerFunc {
 		if err != nil {
 			// user not found -> create it
 			var username = r.Header.Get("Remote-Name")
+
+			// if groups are provided, they will be comma-separated. take only the first group
 			var groups = r.Header.Get("Remote-Groups")
-
 		var groupArr = strings.Split(groups, ",")
-
 			groupTok := ""
 			if len(groupArr) > 0 {
 				groupTok = groupArr[0]
 			}
-			
+
 			regData := services.UserRegistration {
 				GroupToken: groupTok,
 				Name : username,