Skip to content

Commit

Permalink
fix: emails must be verified before account can be used
Browse files Browse the repository at this point in the history
  • Loading branch information
@brettski
brettski committed Oct 19, 2023
1 parent 832e381 commit 32a3d5c
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "that-us",
"version": "3.15.0",
"version": "3.15.1",
"description": "THAT.us website",
"main": "index.js",
"type": "module",
Expand Down
10 changes: 9 additions & 1 deletion src/hooks.server.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,10 @@ async function authorization({ event, resolve }) {
}
throw redirect(303, `/login-redirect?returnTo=${toPath}`);
}

if (!session.user.sub.startsWith('twitter') && session.user?.emailVerified === false) {
throw redirect(307, `/verify-account`);
}
}

return resolve(event);
Expand Down Expand Up @@ -85,11 +89,14 @@ const authConfig = {
return baseUrl;
},
jwt(jwtGoo) {
const { account, token } = jwtGoo;
const { account, token, profile } = jwtGoo;
if (account) {
token.accessToken = account.access_token;
token.idToken = account.id_token;
}
if (profile) {
token.emailVerified = profile.email_verified;
}
return token;
},
session(sessionGoo) {
Expand All @@ -98,6 +105,7 @@ const authConfig = {
session.idToken = token.idToken;
session.user.id = token.sub;
session.user.sub = token.sub;
session.user.emailVerified = token.emailVerified;
const payload = parseOnly(token.accessToken);
if (payload) {
const { permissions } = payload;
Expand Down

0 comments on commit 32a3d5c

Please sign in to comment.