1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 17:52:43 +01:00
phorge-phorge/src/applications/auth
epriestley 3a035c02e7 Recover more flexibly from an already-verified email
Summary:
Ref T4140. We could hit a redirect loop for a user with a verified primary email address but no "is verified" flag on their account. This shouldn't be possible since the migration should have set the flag, but we can deal with it more gracefully when it does happen (maybe because users forgot to run `storage/upgrade`, or because of ghosts).

In the controller, check the same flag we check before forcing the user to the controller.

When verifying, allow the verification if either the email or user flag isn't set.

Test Plan: Hit `/login/mustverify/`; verified an address.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4140

Differential Revision: https://secure.phabricator.com/D7621
2013-11-21 14:41:32 -08:00
..
application Fix new logged-out "Login" button URI and workflowiness 2013-11-13 11:48:24 -08:00
controller Recover more flexibly from an already-verified email 2013-11-21 14:41:32 -08:00
editor Allow authentication providers to store and customize additional configuration 2013-06-18 10:02:34 -07:00
management Allow "bin/auth recover" to succeed before phabricator.base-uri is set 2013-11-20 10:36:00 -08:00
provider Land to GitHub + support stuff 2013-11-13 17:25:24 -08:00
query Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
storage Explain policy exception rules to users 2013-09-27 08:43:41 -07:00
view Send old login code to the bottom of the sea 2013-06-19 01:33:27 -07:00