See #1039: resend confirmation email on login if email is unverified

2025-10-05 20:51:55 +02:00 · 2020-04-01 15:24:40 +02:00 · 2020-04-01 15:24:40 +02:00 · b07bd83fa1
commit b07bd83fa1
parent 372bd4a6ee
9 changed files with 82 additions and 11 deletions
--- a/api/funkwhale_api/users/adapters.py
+++ b/api/funkwhale_api/users/adapters.py
@ -25,3 +25,7 @@ class FunkwhaleAccountAdapter(DefaultAccountAdapter):

    def get_login_redirect_url(self, request):
        return "noop"
+
+    def add_message(self, *args, **kwargs):
+        # disable message sending
+        return
--- a/api/funkwhale_api/users/auth_backends.py
+++ b/api/funkwhale_api/users/auth_backends.py
@ -43,9 +43,11 @@ class ModelBackend(backends.ModelBackend):
        return user if self.user_can_authenticate(user) else None

    def user_can_authenticate(self, user):
-        return super().user_can_authenticate(
-            user
-        ) and not authentication.should_verify_email(user)
+        can_authenticate = super().user_can_authenticate(user)
+        if authentication.should_verify_email(user):
+            raise authentication.UnverifiedEmail(user)
+
+        return can_authenticate


 class AllAuthBackend(auth_backends.AuthenticationBackend, ModelBackend):
--- a/api/funkwhale_api/users/jwt_views.py
+++ b/api/funkwhale_api/users/jwt_views.py
@ -1,8 +1,11 @@
 from rest_framework_jwt import views as jwt_views

+from . import serializers
+

 class ObtainJSONWebToken(jwt_views.ObtainJSONWebToken):
    throttling_scopes = {"*": {"anonymous": "jwt-login", "authenticated": "jwt-login"}}
+    serializer_class = serializers.JSONWebTokenSerializer


 class RefreshJSONWebToken(jwt_views.RefreshJSONWebToken):
--- a/api/funkwhale_api/users/oauth/server.py
+++ b/api/funkwhale_api/users/oauth/server.py
@ -8,8 +8,7 @@ def check(request):
    user = request.user
    request.user = user.__class__.objects.all().for_auth().get(pk=user.pk)
    if authentication.should_verify_email(request.user):
-        setattr(request, "oauth2_error", {"error": "unverified_email"})
-        return False
+        raise authentication.UnverifiedEmail(user)
    return True


--- a/api/funkwhale_api/users/serializers.py
+++ b/api/funkwhale_api/users/serializers.py
@ -7,8 +7,10 @@ from django.utils.translation import gettext_lazy as _
 from rest_auth.serializers import PasswordResetSerializer as PRS
 from rest_auth.registration.serializers import RegisterSerializer as RS, get_adapter
 from rest_framework import serializers
+from rest_framework_jwt import serializers as jwt_serializers

 from funkwhale_api.activity import serializers as activity_serializers
+from funkwhale_api.common import authentication
 from funkwhale_api.common import models as common_models
 from funkwhale_api.common import preferences
 from funkwhale_api.common import serializers as common_serializers
@ -36,6 +38,15 @@ username_validators = [ASCIIUsernameValidator()]
 NOOP = object()


+class JSONWebTokenSerializer(jwt_serializers.JSONWebTokenSerializer):
+    def validate(self, data):
+        try:
+            return super().validate(data)
+        except authentication.UnverifiedEmail as e:
+            authentication.send_email_confirmation(self.context["request"], e.user)
+            raise serializers.ValidationError("Please verify your email address.")
+
+
 class RegisterSerializer(RS):
    invitation = serializers.CharField(
        required=False, allow_null=True, allow_blank=True