Merge pull request #914 from porter-dev/0.6.0-903-email-verification-config

[0.6.0] Turn off email verification if no email client

dashboard/src/main/Main.tsx

@@ -142,7 +142,7 @@ export default class Main extends Component<PropsType, StateType> {
           path="/register"
           render={() => {
             if (!this.state.isLoggedIn) {
-              return <Register authenticate={this.initialize} />;
+              return <Register authenticate={this.authenticate} />;
             } else {
               return <Redirect to="/" />;
             }

internal/forms/user.go

@@ -19,6 +19,9 @@ type CreateUserForm struct {
 	WriteUserForm
 	Email    string `json:"email" form:"required,max=255,email"`
 	Password string `json:"password" form:"required,max=255"`
+
+	// ignore this field from the json
+	EmailVerified bool `json:"-"`
 }
 
 // ToUser converts a CreateUserForm to models.User
@@ -30,8 +33,9 @@ func (cuf *CreateUserForm) ToUser(_ repository.UserRepository) (*models.User, er
 	}
 
 	return &models.User{
-		Email:    cuf.Email,
-		Password: string(hashed),
+		Email:         cuf.Email,
+		Password:      string(hashed),
+		EmailVerified: cuf.EmailVerified,
 	}, nil
 }
 

server/api/oauth_github_handler.go

@@ -222,7 +222,7 @@ func (app *App) upsertUserFromToken(tok *oauth2.Token) (*models.User, error) {
 		if err == gorm.ErrRecordNotFound {
 			user = &models.User{
 				Email:         primary,
-				EmailVerified: verified,
+				EmailVerified: !app.Capabilities.Email || verified,
 				GithubUserID:  githubUser.GetID(),
 			}
 

server/api/oauth_google_handler.go

@@ -146,7 +146,7 @@ func (app *App) upsertGoogleUserFromToken(tok *oauth2.Token) (*models.User, erro
 		if err == gorm.ErrRecordNotFound {
 			user = &models.User{
 				Email:         gInfo.Email,
-				EmailVerified: gInfo.EmailVerified,
+				EmailVerified: !app.Capabilities.Email || gInfo.EmailVerified,
 				GoogleUserID:  gInfo.Sub,
 			}
 

server/api/release_handler.go

@@ -3,13 +3,14 @@ package api
 import (
 	"encoding/json"
 	"fmt"
-	"gorm.io/gorm"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"
 	"sync"
 
+	"gorm.io/gorm"
+
 	"github.com/porter-dev/porter/internal/analytics"
 	"github.com/porter-dev/porter/internal/kubernetes/prometheus"
 	"github.com/porter-dev/porter/internal/models"

server/api/user_handler.go

@@ -39,7 +39,10 @@ func (app *App) HandleCreateUser(w http.ResponseWriter, r *http.Request) {
 		app.handleErrorDataRead(err, w)
 	}
 
-	form := &forms.CreateUserForm{}
+	form := &forms.CreateUserForm{
+		// if app can send email verification, set the email verified to false
+		EmailVerified: !app.Capabilities.Email,
+	}
 
 	user, err := app.writeUser(
 		form,

server/middleware/auth.go

@@ -5,15 +5,16 @@ import (
 	"context"
 	"encoding/json"
 	"errors"
-	"github.com/google/go-github/github"
-	"github.com/porter-dev/porter/internal/oauth"
-	"golang.org/x/oauth2"
 	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"
 
+	"github.com/google/go-github/github"
+	"github.com/porter-dev/porter/internal/oauth"
+	"golang.org/x/oauth2"
+
 	"github.com/go-chi/chi"
 	"github.com/gorilla/sessions"
 	"github.com/porter-dev/porter/internal/auth/token"
@@ -217,6 +218,14 @@ func (auth *Auth) DoesUserHaveProjectAccess(
 			}
 		}
 
+		// read the user and make sure the email is verified
+		user, err := auth.repo.User.ReadUser(userID)
+
+		if err != nil || !user.EmailVerified {
+			http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
+			return
+		}
+
 		// get the project
 		proj, err := auth.repo.Project.ReadProject(uint(projID))