Make sure Google email addresses are verified

This commit is contained in:
Joseph Schorr 2016-10-10 13:12:35 -04:00
parent 3a473cad2a
commit 0fc132cffb

View file

@ -113,6 +113,13 @@ def google_oauth_callback():
if not user_data or not user_data.get('id', None) or not user_data.get('email', None): if not user_data or not user_data.get('id', None) or not user_data.get('email', None):
return render_ologin_error('Google') return render_ologin_error('Google')
if not user_data.get('verified_email', False):
return render_ologin_error(
'Google',
'A verified e-mail address is required for login. Please verify your ' +
'e-mail address in Google and try again.',
)
username = get_email_username(user_data) username = get_email_username(user_data)
metadata = { metadata = {
'service_username': user_data['email'] 'service_username': user_data['email']
@ -196,6 +203,13 @@ def google_oauth_attach():
if not user_data or not user_data.get('id', None): if not user_data or not user_data.get('id', None):
return render_ologin_error('Google') return render_ologin_error('Google')
if not user_data.get('verified_email', False):
return render_ologin_error(
'Google',
'A verified e-mail address is required for login. Please verify your ' +
'e-mail address in Google and try again.',
)
google_id = user_data['id'] google_id = user_data['id']
user_obj = current_user.db_user() user_obj = current_user.db_user()