From c6b70f13bb2c14562965e128e87b872de1e5d21f Mon Sep 17 00:00:00 2001 From: Walker Crouse Date: Mon, 16 Jan 2017 14:46:13 -0500 Subject: [PATCH] Add REQUIRE_EMAIL_CONFIRM setting Signed-off-by: Walker Crouse --- .gitignore | 3 +++ spongeauth/accounts/middleware.py | 5 +++-- spongeauth/accounts/views.py | 5 +++-- spongeauth/media/.gitkeep | 0 spongeauth/spongeauth/settings/base.py | 2 ++ spongeauth/spongeauth/settings/dev.py | 1 + spongeauth/spongeauth/settings/prod.py | 2 ++ 7 files changed, 14 insertions(+), 4 deletions(-) delete mode 100644 spongeauth/media/.gitkeep diff --git a/.gitignore b/.gitignore index de458432e..2744f742f 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,6 @@ media/ .cache/ .tox/ .coverage +.idea +*.iml +.DS_Store diff --git a/spongeauth/accounts/middleware.py b/spongeauth/accounts/middleware.py index eb18818e5..9b32e585d 100644 --- a/spongeauth/accounts/middleware.py +++ b/spongeauth/accounts/middleware.py @@ -1,5 +1,6 @@ from django.urls import resolve from django.shortcuts import redirect +from django.conf import settings import django.urls.exceptions @@ -16,13 +17,13 @@ def __call__(self, request): @staticmethod def must_verify(user): - return user.is_authenticated() and not user.email_verified + return user.is_authenticated() and not user.email_verified and settings.REQUIRE_EMAIL_CONFIRM @staticmethod def may_pass(url): try: return getattr( - resolve(url).func, 'allow_without_verified_email', False) + resolve(url).func, 'allow_without_verified_email', False) or not settings.REQUIRE_EMAIL_CONFIRM except django.urls.exceptions.Resolver404: return False diff --git a/spongeauth/accounts/views.py b/spongeauth/accounts/views.py index f1f2cbff1..c8fef6e1c 100644 --- a/spongeauth/accounts/views.py +++ b/spongeauth/accounts/views.py @@ -199,7 +199,8 @@ def register(request): # _log_user_in must happen before sending the email, since the token # will change after the user has been logged in. resp = _log_user_in(request, user) - _send_verify_email(request, user) + if django_settings.REQUIRE_EMAIL_CONFIRM: + _send_verify_email(request, user) return resp return render(request, 'accounts/register.html', {'form': form}) @@ -251,7 +252,7 @@ def register_google(request): if user: resp = _log_user_in(request, user, skip_twofa=True) - if not user.email_verified: + if not user.email_verified and django_settings.REQUIRE_EMAIL_CONFIRM: # This must happen /after/ _log_user_in. _send_verify_email(request, user) return resp diff --git a/spongeauth/media/.gitkeep b/spongeauth/media/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/spongeauth/spongeauth/settings/base.py b/spongeauth/spongeauth/settings/base.py index cf6e5f562..31d8d904d 100644 --- a/spongeauth/spongeauth/settings/base.py +++ b/spongeauth/spongeauth/settings/base.py @@ -29,6 +29,8 @@ 'auth.spongepowered.org', ] +REQUIRE_EMAIL_CONFIRM = True + # Application definition diff --git a/spongeauth/spongeauth/settings/dev.py b/spongeauth/spongeauth/settings/dev.py index 5fc93c3a5..6227bd1e3 100644 --- a/spongeauth/spongeauth/settings/dev.py +++ b/spongeauth/spongeauth/settings/dev.py @@ -5,6 +5,7 @@ DEBUG = True ALLOWED_HOSTS += ['localhost', '127.0.0.1', '::1'] INTERNAL_IPS = ['127.0.0.1', '::1'] +REQUIRE_EMAIL_CONFIRM = False MIDDLEWARE = [ 'debug_toolbar.middleware.DebugToolbarMiddleware', diff --git a/spongeauth/spongeauth/settings/prod.py b/spongeauth/spongeauth/settings/prod.py index 563b9ac81..60840f10f 100644 --- a/spongeauth/spongeauth/settings/prod.py +++ b/spongeauth/spongeauth/settings/prod.py @@ -11,6 +11,8 @@ SECRET_KEY = os.environ['SECRET_KEY'] +REQUIRE_EMAIL_CONFIRM = True + DEFAULT_FROM_EMAIL = 'admin@spongepowered.org' SERVER_EMAIL = 'admin@spongepowered.org'