author | 2021-11-27 14:53:34 +0100 | |
---|---|---|
committer | 2021-11-27 14:53:34 +0100 | |
commit | ce22e03f9deaf424aa21c5cc0ef85e58992a7882 (patch) | |
tree | 48711826e97c1590ae514791f5a6e910b98cfae8 /internal/oauth/util.go | |
parent | run sqlite tests in parallel (#331) (diff) | |
download | gotosocial-ce22e03f9deaf424aa21c5cc0ef85e58992a7882.tar.xz |
Require confirmed email when checking oauth token (#332)
* move token checker to security package
* update tests with new security package
* add oauth token checking to security package
* check if user email confirmed when parsing token
Diffstat (limited to 'internal/oauth/util.go')
-rw-r--r-- | internal/oauth/util.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/internal/oauth/util.go b/internal/oauth/util.go
index 2520fc784..540045f80 100644
--- a/internal/oauth/util.go
+++ b/internal/oauth/util.go
@@ -85,6 +85,9 @@ func Authed(c *gin.Context, requireToken bool, requireApp bool, requireUser bool
 if a.User.Disabled || !a.User.Approved {
 return nil, errors.New("user disabled or not approved")
 }
+ if a.User.Email == "" {
+ return nil, errors.New("user has no confirmed email address")
+ }
 }

 if requireAccount {
|
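Review bot: The added `a.User.Email == ""` test treats a non-empty Email field as proof of confirmation, but nothing in the hunk states why that holds, so a later change that fills Email before confirmation would silently disable this gate. I would add a comment above it such as `// Email is only populated once the address has been confirmed, so empty means unconfirmed.` and verify that invariant against the user model. The check also appears to sit inside the branch guarded by requireUser (its opening line is outside the hunk), so callers that pass requireUser=false together with requireAccount=true would not enforce confirmation; those call sites are worth auditing. Authed itself begins and ends outside the hunk.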