Skip to content

Adds ability to prevent login with unverified emails #2175

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 4, 2016
Merged

Adds ability to prevent login with unverified emails #2175

merged 1 commit into from
Jul 4, 2016

Conversation

cherukumilli
Copy link
Contributor

@cherukumilli cherukumilli commented Jun 29, 2016
edited
Loading

This is an update based on the feedback from #2165

Adds a new config variable

psuedo code for usage of new config variable: preventLoginWithUnverifiedEmail

If
preventLoginWithUnverifiedEmail is true and
verifyUserEmails is true and
emailVerified is false
then
/login
will fail with the following error
User email is not verified.

This code is completely backward compatible and will not break any of the existing code.

Adds 3 new test cases

  • prevents user from login if email is not verified but preventLoginWithUnverifiedEmai is set to true
  • allows user to login only after user clicks on the link to confirm email address if preventLoginWithUnverifiedEmail is set to true
  • allow user to login if email is not verified but preventLoginWithUnverifiedEmail is set to false

Updated README file

The following shows how to use the new config parameter (preventLoginWithUnverifiedEmail)

var server = ParseServer({
  ...otherOptions,
  // Enable email verification
  verifyUserEmails: true,

  // set preventLoginWithUnverifiedEmail to false to allow user to login without verifying their email
  // set preventLoginWithUnverifiedEmail to true to prevent user from login if their email is not verified
  preventLoginWithUnverifiedEmail: false, // defaults to false

  // The public URL of your app.
  // This will appear in the link that is used to verify email addresses and reset passwords.
  // Set the mount path as it is in serverURL
  publicServerURL: 'https://example.com/parse',
...

Please let me know if you need any more info in the PR to help merge it.

@cherukumilli
Copy link
Contributor Author

@flovilmart
Can you please take a look at my updates when you get a few minutes?
This is my first PR to parse. I just want to make sure that I am not missing anything here.

flovilmart
flovilmart reviewed Jul 2, 2016
View reviewed changes
README.md
@@ -209,6 +209,8 @@ var server = ParseServer({
...otherOptions,
// Enable email verification
verifyUserEmails: true,
// prevent login with unverified email
preventLoginWithUnverifiedEmail: true, // defaults to false
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd put false in the readme, as it's the default value

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@flovilmart
Copy link
Contributor

Can you add a test that would ensure a user with verifiedEmail == true can login correctly?

@cherukumilli
Copy link
Contributor Author

cherukumilli commented Jul 3, 2016
edited
Loading

@flovilmart
I added a third test case to ensure a user with emailVerified set to true can login correctly.
I also updated the README.md as per your suggestion

@ghost
Copy link

ghost commented Jul 3, 2016

@cherukumilli updated the pull request.

1 similar comment
@ghost
Copy link

ghost commented Jul 3, 2016

@cherukumilli updated the pull request.

@flovilmart
Copy link
Contributor

This looks good to me

@flovilmart flovilmart merged commit 08c63f3 into parse-community:master Jul 4, 2016
@cherukumilli cherukumilli deleted the prevent-login-with-unverified-email branch July 4, 2016 18:52
@natanrolnik natanrolnik mentioned this pull request Jul 5, 2016
Closed
rsouzas pushed a commit to back4app/parse-server that referenced this pull request Mar 15, 2017
@cherukumilli
Adds ability to prevent login with unverified emails (parse-community…
342f6ec 
…#2175)
rsouzas pushed a commit to back4app/parse-server that referenced this pull request Mar 16, 2017
@cherukumilli
Adds ability to prevent login with unverified emails (parse-community…
89cca4c 
…#2175)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cherukumilli @flovilmart