SpongePowered · lukegb · Jan 18, 2017 · Jan 16, 2017 · Jan 18, 2017
diff --git a/.gitignore b/.gitignore
@@ -8,3 +8,6 @@ media/
 .cache/
 .tox/
 .coverage
+.idea
+*.iml
+.DS_Store
diff --git a/spongeauth/accounts/middleware.py b/spongeauth/accounts/middleware.py
@@ -1,5 +1,6 @@
 from django.urls import resolve
 from django.shortcuts import redirect
+from django.conf import settings
 import django.urls.exceptions
 
 
@@ -16,7 +17,7 @@ def __call__(self, request):
 
     @staticmethod
     def must_verify(user):
-        return user.is_authenticated() and not user.email_verified
+        return user.is_authenticated() and not user.email_verified and settings.REQUIRE_EMAIL_CONFIRM
 
     @staticmethod
     def may_pass(url):

diff --git a/spongeauth/accounts/tests/test_middleware_enforce_verified_emails.py b/spongeauth/accounts/tests/test_middleware_enforce_verified_emails.py
@@ -23,6 +23,11 @@ def test_email_not_verified(self):
             email_verified=False)
         assert middleware.EnforceVerifiedEmails.must_verify(user)
 
+    @django.test.override_settings(REQUIRE_EMAIL_CONFIRM=False)
+    def test_setting_require_email_confirm(self):
+        user = accounts.tests.factories.UserFactory.build(email_verified=False)
+        assert not middleware.EnforceVerifiedEmails.must_verify(user)
+
 
 @django.test.override_settings(ROOT_URLCONF='accounts.tests.test_middleware_enforce_verified_emails')
 class TestMayPass(django.test.SimpleTestCase):

diff --git a/spongeauth/accounts/views.py b/spongeauth/accounts/views.py
@@ -199,7 +199,8 @@ def register(request):
             # _log_user_in must happen before sending the email, since the token
             # will change after the user has been logged in.
             resp = _log_user_in(request, user)
-            _send_verify_email(request, user)
+            if django_settings.REQUIRE_EMAIL_CONFIRM:
+                _send_verify_email(request, user)
             return resp
 
     return render(request, 'accounts/register.html', {'form': form})
@@ -251,7 +252,7 @@ def register_google(request):
 
     if user:
         resp = _log_user_in(request, user, skip_twofa=True)
-        if not user.email_verified:
+        if not user.email_verified and django_settings.REQUIRE_EMAIL_CONFIRM:
             # This must happen /after/ _log_user_in.
             _send_verify_email(request, user)
         return resp

diff --git a/spongeauth/media/.gitkeep b/spongeauth/media/.gitkeep
diff --git a/spongeauth/spongeauth/settings/base.py b/spongeauth/spongeauth/settings/base.py
@@ -29,6 +29,8 @@
     'auth.spongepowered.org',
 ]
 
+REQUIRE_EMAIL_CONFIRM = True
+
 
 # Application definition
 

diff --git a/spongeauth/spongeauth/settings/dev.py b/spongeauth/spongeauth/settings/dev.py
@@ -5,6 +5,7 @@
 DEBUG = True
 ALLOWED_HOSTS += ['localhost', '127.0.0.1', '::1']
 INTERNAL_IPS = ['127.0.0.1', '::1']
+REQUIRE_EMAIL_CONFIRM = False
 
 MIDDLEWARE = [
     'debug_toolbar.middleware.DebugToolbarMiddleware',