fix: oauth2 verification
This commit is contained in:
parent
e68c48a713
commit
4621a150e4
1 changed files with 9 additions and 8 deletions
|
@ -475,15 +475,16 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
if ($user === false || $user->isEmpty()) { // No user logged in or with OAuth2 provider ID, create new one or connect with account with same email
|
||||
$name = $oauth2->getUserName($accessToken);
|
||||
$email = $oauth2->getUserEmail($accessToken);
|
||||
|
||||
/**
|
||||
* Is verified is not used yet, since we don't know after an accout is created anymore if it was verified or not.
|
||||
*/
|
||||
$isVerified = $oauth2->isEmailVerified($accessToken);
|
||||
|
||||
if ($isVerified === true) {
|
||||
// Get user by email address
|
||||
$user = $dbForProject->findOne('users', [
|
||||
new Query('deleted', Query::TYPE_EQUAL, [false]),
|
||||
new Query('email', Query::TYPE_EQUAL, [$email])]
|
||||
);
|
||||
}
|
||||
$user = $dbForProject->findOne('users', [
|
||||
new Query('deleted', Query::TYPE_EQUAL, [false]),
|
||||
new Query('email', Query::TYPE_EQUAL, [$email])]
|
||||
);
|
||||
|
||||
if ($user === false || $user->isEmpty()) { // Last option -> create the user, generate random password
|
||||
$limit = $project->getAttribute('auths', [])['limit'] ?? 0;
|
||||
|
@ -503,7 +504,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
'$read' => ['role:all'],
|
||||
'$write' => ['user:' . $userId],
|
||||
'email' => $email,
|
||||
'emailVerification' => $isVerified,
|
||||
'emailVerification' => true,
|
||||
'status' => true, // Email should already be authenticated by OAuth2 provider
|
||||
'password' => Auth::passwordHash(Auth::passwordGenerator()),
|
||||
'passwordUpdate' => 0,
|
||||
|
|
Loading…
Reference in a new issue