From d9eaee3939bf2e93e5d775d32bce77842201faba Mon Sep 17 00:00:00 2001 From: Josh Morel Date: Fri, 31 Aug 2018 03:18:19 -0400 Subject: add user account email verificiation (#977) * add user account email verificiation includes server and client code to: * enable verificationRequired via custom config * send verification email with registration * ask for verification email * verify via email * prevent login if not verified and required * conditional client links to ask for new verification email * allow login for verified=null these are users created when verification not required should still be able to login when verification is enabled * refactor email verifcation pr * change naming from verified to emailVerified * change naming from askVerifyEmail to askSendVerifyEmail * undo unrelated automatic prettier formatting on api/config * use redirectService for home * remove redundant success notification on email verified * revert test.yaml smpt host --- server/lib/oauth-model.ts | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'server/lib/oauth-model.ts') diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts index 09eaf75d1..2f8667e19 100644 --- a/server/lib/oauth-model.ts +++ b/server/lib/oauth-model.ts @@ -3,6 +3,7 @@ import { logger } from '../helpers/logger' import { UserModel } from '../models/account/user' import { OAuthClientModel } from '../models/oauth/oauth-client' import { OAuthTokenModel } from '../models/oauth/oauth-token' +import { CONFIG } from '../initializers/constants' type TokenInfo = { accessToken: string, refreshToken: string, accessTokenExpiresAt: Date, refreshTokenExpiresAt: Date } @@ -37,6 +38,10 @@ async function getUser (usernameOrEmail: string, password: string) { if (user.blocked) throw new AccessDeniedError('User is blocked.') + if (CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION && user.emailVerified === false) { + throw new AccessDeniedError('User email is not verified.') + } + return user } -- cgit v1.2.3