UserEnabledPlug: Don't authenticate unconfirmed users.
This commit is contained in:
parent
ff4af8c5ee
commit
5b5f855237
2 changed files with 24 additions and 3 deletions
|
@ -10,9 +10,13 @@ defmodule Pleroma.Plugs.UserEnabledPlug do
|
||||||
options
|
options
|
||||||
end
|
end
|
||||||
|
|
||||||
def call(%{assigns: %{user: %User{info: %{deactivated: true}}}} = conn, _) do
|
def call(%{assigns: %{user: %User{} = user}} = conn, _) do
|
||||||
conn
|
if User.auth_active?(user) do
|
||||||
|> assign(:user, nil)
|
conn
|
||||||
|
else
|
||||||
|
conn
|
||||||
|
|> assign(:user, nil)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def call(conn, _) do
|
def call(conn, _) do
|
||||||
|
|
|
@ -16,6 +16,23 @@ defmodule Pleroma.Plugs.UserEnabledPlugTest do
|
||||||
assert ret_conn == conn
|
assert ret_conn == conn
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "with a user that's not confirmed and a config requiring confirmation, it removes that user",
|
||||||
|
%{conn: conn} do
|
||||||
|
old = Pleroma.Config.get([:instance, :account_activation_required])
|
||||||
|
Pleroma.Config.put([:instance, :account_activation_required], true)
|
||||||
|
|
||||||
|
user = insert(:user, confirmation_pending: true)
|
||||||
|
|
||||||
|
conn =
|
||||||
|
conn
|
||||||
|
|> assign(:user, user)
|
||||||
|
|> UserEnabledPlug.call(%{})
|
||||||
|
|
||||||
|
assert conn.assigns.user == nil
|
||||||
|
|
||||||
|
Pleroma.Config.put([:instance, :account_activation_required], old)
|
||||||
|
end
|
||||||
|
|
||||||
test "with a user that is deactivated, it removes that user", %{conn: conn} do
|
test "with a user that is deactivated, it removes that user", %{conn: conn} do
|
||||||
user = insert(:user, info: %{deactivated: true})
|
user = insert(:user, info: %{deactivated: true})
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue