From c3b940f89523d54d2e2baf436122a30fc0aafdd9 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Mon, 3 Jun 2024 11:49:12 -0500
Subject: Handle unverified emails

If a user provides the correct credentials to login, but they are
unverified, redirect them to the email verification page, where they
are provided with a chance to verify their email, or send a new
verification code.
---
 gn_auth/auth/authentication/oauth2/views.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'gn_auth/auth/authentication/oauth2')

diff --git a/gn_auth/auth/authentication/oauth2/views.py b/gn_auth/auth/authentication/oauth2/views.py
index 7600ada..cf815ea 100644
--- a/gn_auth/auth/authentication/oauth2/views.py
+++ b/gn_auth/auth/authentication/oauth2/views.py
@@ -53,7 +53,7 @@ def authorise():
                 redirect_uri=request.args["redirect_uri"])
 
         form = request.form
-        def __authorise__(conn: db.DbConnection) -> Response:
+        def __authorise__(conn: db.DbConnection):
             email_passwd_msg = "Email or password is invalid!"
             redirect_response = redirect(url_for("oauth2.auth.authorise",
                                                  response_type=form["response_type"],
@@ -64,6 +64,9 @@ def authorise():
                     form.get("user:email"), check_deliverability=False)
                 user = user_by_email(conn, email["email"])
                 if valid_login(conn, user, form.get("user:password", "")):
+                    if not user.verified:
+                        return redirect(url_for(
+                            "oauth2.users.handle_unverified"), code=307)
                     return server.create_authorization_response(request=request, grant_user=user)
                 flash(email_passwd_msg, "alert-danger")
                 return redirect_response # type: ignore[return-value]
-- 
cgit v1.2.3