[GH-ISSUE #4] Only allow users with verified email #6

New issue

Closed

opened 2026-02-27 15:38:56 +03:00 by kerem · 4 comments

kerem commented 2026-02-27 15:38:56 +03:00

Owner

Copy link

Originally created by @nishchayp on GitHub (Nov 30, 2017).
Original GitHub issue: https://github.com/nishchayp/DAMN/issues/4

Originally created by @nishchayp on GitHub (Nov 30, 2017). Original GitHub issue: https://github.com/nishchayp/DAMN/issues/4

kerem closed this issue 2026-02-27 15:38:56 +03:00

kerem commented 2026-02-27 15:38:56 +03:00

Author

Owner

Copy link

@ekamwalia commented on GitHub (Dec 9, 2017):

You mean something so that the first time a user tries to login, we verify if they actually have access before letting them make requests?

<!-- gh-comment-id:350431000 --> @ekamwalia commented on GitHub (Dec 9, 2017): You mean something so that the **first** time a user tries to login, we verify if they actually have access before letting them make requests?

kerem commented 2026-02-27 15:38:56 +03:00

Author

Owner

Copy link

@nishchayp commented on GitHub (Dec 9, 2017):

The json that google OAuth2 api sends as response has a key-value pair "email_verified: true/false". If false then either we can restrict them or redirect them to some link to verify their email if such a service is provided by google.

<!-- gh-comment-id:350432222 --> @nishchayp commented on GitHub (Dec 9, 2017): The json that google OAuth2 api sends as response has a key-value pair "email_verified: true/false". If false then either we can restrict them or redirect them to some link to verify their email if such a service is provided by google.

kerem commented 2026-02-27 15:38:56 +03:00

Author

Owner

Copy link

@ekamwalia commented on GitHub (Dec 9, 2017):

There is another thing. Anyone can login with OAuth and make a request to for admin priviledges and droplet access

Should we place an admin authorization first so that every user can make many requests only after being approved by an admin

<!-- gh-comment-id:350432694 --> @ekamwalia commented on GitHub (Dec 9, 2017): There is another thing. Anyone can login with OAuth and make a request to for admin priviledges and droplet access Should we place an admin authorization first so that every user can make many requests only after being approved by an admin

kerem commented 2026-02-27 15:38:56 +03:00

Author

Owner

Copy link

@nishchayp commented on GitHub (Dec 9, 2017):

A user is allowed to make only a single request, if that helps. Also how do you plan to implement it like IMO it would be added work for admins. But we can maybe think about it if everyone is fine with it and it brings some significant advantage.

<!-- gh-comment-id:350433363 --> @nishchayp commented on GitHub (Dec 9, 2017): A user is allowed to make only a single request, if that helps. Also how do you plan to implement it like IMO it would be added work for admins. But we can maybe think about it if everyone is fine with it and it brings some significant advantage.

kerem referenced this issue 2026-02-27 15:38:59 +03:00

[PR #6] [MERGED] implemented random state #14

kerem referenced this issue 2026-02-27 15:39:03 +03:00

[PR #30] [CLOSED] Linting #30

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

linting

frontend

daemonize

refactoring

error-handling

test-connection

admin-frontend

verified-email

logout

integrate-scripts

admin-routes

httprouter

random-state

No results found.

Labels

Clear labels   

pull-request

Mirrored from GitHub Pull Request

No labels

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/DAMN#6

No description provided.