3 files changed, 39 insertions, 1 deletions

diff --git a/server/lib/emailer.ts b/server/lib/emailer.ts
index bf8e5b6c3..9327792fb 100644
--- a/server/lib/emailer.ts
+++ b/server/lib/emailer.ts
@@ -89,6 +89,23 @@ class Emailer {
     return JobQueue.Instance.createJob({ type: 'email', payload: emailPayload })
   }
 
+  addVerifyEmailJob (to: string, verifyEmailUrl: string) {
+    const text = `Welcome to PeerTube,\n\n` +
+      `To start using PeerTube on ${CONFIG.WEBSERVER.HOST} you must  verify your email! ` +
+      `Please follow this link to verify this email belongs to you: ${verifyEmailUrl}\n\n` +
+      `If you are not the person who initiated this request, please ignore this email.\n\n` +
+      `Cheers,\n` +
+      `PeerTube.`
+
+    const emailPayload: EmailPayload = {
+      to: [ to ],
+      subject: 'Verify your PeerTube email',
+      text
+    }
+
+    return JobQueue.Instance.createJob({ type: 'email', payload: emailPayload })
+  }
+
   async addVideoAbuseReportJob (videoId: number) {
     const video = await VideoModel.load(videoId)
     if (!video) throw new Error('Unknown Video id during Abuse report.')
diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts
index 09eaf75d1..2f8667e19 100644
--- a/server/lib/oauth-model.ts
+++ b/server/lib/oauth-model.ts
@@ -3,6 +3,7 @@ import { logger } from '../helpers/logger'
 import { UserModel } from '../models/account/user'
 import { OAuthClientModel } from '../models/oauth/oauth-client'
 import { OAuthTokenModel } from '../models/oauth/oauth-token'
+import { CONFIG } from '../initializers/constants'
 
 type TokenInfo = { accessToken: string, refreshToken: string, accessTokenExpiresAt: Date, refreshTokenExpiresAt: Date }
 
@@ -37,6 +38,10 @@ async function getUser (usernameOrEmail: string, password: string) {
 
   if (user.blocked) throw new AccessDeniedError('User is blocked.')
 
+  if (CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION && user.emailVerified === false) {
+    throw new AccessDeniedError('User email is not verified.')
+  }
+
   return user
 }
 
diff --git a/server/lib/redis.ts b/server/lib/redis.ts
index 0b4b41e4e..e4e435659 100644
--- a/server/lib/redis.ts
+++ b/server/lib/redis.ts
@@ -2,7 +2,7 @@ import * as express from 'express'
 import { createClient, RedisClient } from 'redis'
 import { logger } from '../helpers/logger'
 import { generateRandomString } from '../helpers/utils'
-import { CONFIG, USER_PASSWORD_RESET_LIFETIME, VIDEO_VIEW_LIFETIME } from '../initializers'
+import { CONFIG, USER_PASSWORD_RESET_LIFETIME, USER_EMAIL_VERIFY_LIFETIME, VIDEO_VIEW_LIFETIME } from '../initializers'
 
 type CachedRoute = {
   body: string,
@@ -60,6 +60,18 @@ class Redis {
     return this.getValue(this.generateResetPasswordKey(userId))
   }
 
+  async setVerifyEmailVerificationString (userId: number) {
+    const generatedString = await generateRandomString(32)
+
+    await this.setValue(this.generateVerifyEmailKey(userId), generatedString, USER_EMAIL_VERIFY_LIFETIME)
+
+    return generatedString
+  }
+
+  async getVerifyEmailLink (userId: number) {
+    return this.getValue(this.generateVerifyEmailKey(userId))
+  }
+
   setIPVideoView (ip: string, videoUUID: string) {
     return this.setValue(this.buildViewKey(ip, videoUUID), '1', VIDEO_VIEW_LIFETIME)
   }
@@ -135,6 +147,10 @@ class Redis {
     return 'reset-password-' + userId
   }
 
+  generateVerifyEmailKey (userId: number) {
+    return 'verify-email-' + userId
+  }
+
   buildViewKey (ip: string, videoUUID: string) {
     return videoUUID + '-' + ip
   }